Secure Version Not Very Secure

I paid for the “Secure” version of this plugin…

The pdf direct download link is in plain text in the page source and post headers (pdfemb-serveurl) 🙁

Instructions say uploading the PDF in the securepdfs/ folder ensures security and enabling the secure settings creates a backdoor path, not so. I was able to directly access the file from a browser without using a referrer header and download the file. A content Bot would have no issues scraping PDFs.

Caveat Emptor

On a positive note, the plugin does have a small memory footprint, that should help with page load speed 🙂