Posted 4 months ago #
I used this plug-in for a while, but I noticed recently that even after I had disabled the plug-in I was getting a LOT of attempted server attacks directed at this script. After seeing the author's site get hacked as well, I would suggest avoiding this plug-in if you aren't confident in your site's security.
(This happened in Wordpress versions 2.7 through 2.8.1, and I think is irrelivent to whether or not the plug-in is enabled or not)
Posted 4 months ago #
This is correct. There was a security flaw in versions prior to 1.9.3 which allowed a malicious user execute potentially dangerous code. Please note that this security hole has been patched in version 1.9.3. Also note that this only effected users with servers which have "register_globals" enabled.
Posted 3 weeks ago #
@all
There was a critical vulnerability in version 2.0. All users are encouraged to upgrade to the latest version.
You must log in to post.
