I will contact the author. It is also not a security issue.
However - this is something your webhost should have done something about. Allowing the browsing of directories without an index file is poor form and if it applies there it will apply everywhere. It is to protect against this form that many plugins come with an empty index.php file.
To stop this:
in Notepad/textedit create a new file called index.php
You don't have enter anything in it, it just has to be called that.
Using ftp or your webhost file manager upload that into any directory that does not have any index file. (If it does have an index.php or .html or .anything else do not do this)
That will stop this.
There is a way to do this with .htaccess but I forget right now.
But the real people you should contact is your webhost because as I said it's bad form.