• johnbairdconsulting

    (@johnbairdconsulting)


    The plugin had a vulnerability that allowed an attacker to delete any posts & pages from a site without needing an account.

    They were notified on Feb 8th and it was fixed April 23rd. Over 2 months to add a few lines of code.

    This plugin is not seriously maintained and such a simple vulnerability indicates a lack of care.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author LeadConnector

    (@varunvairavanlc)

    Hey @johnbairdconsulting,
    This is fixed in version 1.8.
    Apologies for the delay in pushing the update, there was some blocker for solving this, that’s why it took longer than expected. We are working on improving our turnaround time, Thanks.

    Thread Starter johnbairdconsulting

    (@johnbairdconsulting)

    I left this review over 1 month ago bro.

    Over a month to fix simple security issue

    Over a month to respond to reviews

    All signs that this project is the absolute lowest priority to the developers and can’t be depended on. It takes like 2 minutes to respond to a review and 1 hour to fix the bug.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this review.