Hoping this gets fixed ASAP .
I noticed this posting today and I’m also very concerned.
I am wondering why the developer hasn’t replied (here). I sent him a message and hope that he’ll fix this and reply soon. Security issues are always a primary concern of mine.
Or, did you hear directly from the developer that this has been fixed already?
- Has been a member for 3-4 years
- Attended a Community Meetup
- Repeatedly Helped protect Envato Marketplaces against copyright violations
- Bought between 50 and 99 items
- Community Ambassador
- Beta Tester
- Contributed a Tutorial to a Tuts+ Site
- Envato Staff
I posted it in the comments of the plugin page and the author replied. He didn’t seem to understand what he was looking at (the exploit code). Not a good sign.
I also submitted a ticked directly to Envato and was told it was being escalated, but I haven’t heard from them in three days. Also not a good sign.
Sorry guys. Thanks for pointing me to this. I am already working on a fix and a secure upload.
KingDog saidI did file a ticket about this. Three days ago I was told the ticket was being elevated, then today I got this response:
Good idea on contacting the author. If you don’t hear back from him, please contact Support as well. I removed the link to prevent possible problems. Thanks!
I am currently away on vacation celebrating another year of being alive
I will not be able to respond to emails. If this is an urgent matter please contact http://support.envato.com who would be happy to assist you.
I will reply to your email as soon as possible upon my return. Thank you for your patience and have a great day!Kind Regards, Drew
That doesn’t bode well for the level of perceived concern Envato places on the security of the products sold through your marketplace.
^ willc, your first contact made through support channel or direct message to Drew? From my experience, this kind of gaps has no chance to occur if a ticket opened on support.
VF saidI went back and looked, and the first response I got was from Drew on the 28th:
^ Your first contact made through support channel or direct message to Drew? From my experience, this kind of gaps has no chance to occur through support.
Hi Will,Then the next thing I got was the message above about Drew’s vacation today.
Thank you for your email to Envato support. I am forwarding this along to the necessary staff for inspection, we’ll be in touch as soon as we can. Thanks!
Please let me know if I can be of further assistance.Kind Regards, Drew
Then the next thing I got was the message above about Drew’s vacation today.
Yes but Radykal just posted here that he’s currently working on a fix. Some bugs are easy to fix, some more difficult, so give him a few days and there will probably be an update that you can download from your downloads page.