Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
Or… instead of waiting you can contact plugins [at] wordpress.org now and they can contact the author directly via email or remove the plugin.
That would be more responsible IMHO.
Mika Epstein told me that i had to contact author first … then if no response, email p @ wp.org 😐 So what now ?
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
In all things, I defer to Mika. She’s very wise. 😉
The author is SEO Peter and his page http://vitamin.seopeter.com/vitamin-1-0-0-is-here/ has your comment as well as his reply.
Hopefully you’ll get that email he mentioned in his comment reply and you can sort out the security issue with him.
Edit: And there’s the reply!
Please note, that this is my first GPL released plugin here in wordpress.org. Even if there were a few testers, there may be an error or some security issues.
Any help from you guys is very … helpful.
Any security issues will be repaired as soon as possible.
Thanks for every your reaction!
Guys, I did everything, that is written in http://wordpress.org/extend/plugins/about/svn/ in Task 3: “Tagging” a new version, but there is still version 1.0.0 not 1.1.
And I updated both files, where were problems.
Is there something, how to force it?
Do not let people use the 1.0.0! It’s vulnerable …
Why can we keep old version ? In case of multiple WordPress comptibility version.
Here, the 1.0.0 have to be upgraded, not downloaded anymore.
I recommand to use “Stable Tag: trunk” in your “readme.txt” in place of 1.1
Also, i just mailed you some others flaws. See you !
Security issue (that we talked) solved in version 1.1.0
Minor security issues solved in 1.2.0.
Big thanks, Julio Potier!