Support » Plugin: 3CX Live Chat » Vulnerabilities fully fixed?

  • Resolved alexanderlabrie


    Have the security vulnerabilities reported in the last month been fixed only when using your server or also when disabling the use of your server?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Hi @alexanderlabrie,

    Thank you for getting in touch, we do appreciate your time.

    I can confirm that version 8.0.34, the latest version currently available, includes security patches to all known exploits currently.

    In addition, this new version received overall security improvements to ensure the system is fully secure moving forward, as well as to avoid any further exploitation as seen within the last month.

    We are also currently working on a new version, 8.0.35, which will improve our security layers further as we are changing how data is stored, retrieved, and maintained across all workflows within the chat system.

    I hope this helps?

    • This reply was modified 2 years, 7 months ago by DylanAuty.
    Thread Starter alexanderlabrie


    Great, thanks. One more (unrelated) thing: I’m seeing “The use of a local server will be deprecated in our next major release” in the plugin’s settings. Please don’t deprecate it: you could make it a Pro feature instead.

    Hi @alexanderlabrie,

    Only a pleasure, happy to help.

    We will definitely take your suggestion into consideration before removing the functionality permanently.

    With that said, this feature is still fully functional and will not be removed in any minor updates.

    Thank you again for your time.

    Same here. Please don’t deprecate it: you could make it a Pro feature instead. I would buy it! The use of an external server is a no go in behalf of privacy policy.

    Never ever install any plugin on your production site without first testing it “offline on a local server” — without connection to internet. So this way you can block and trap any vulnerabilities, look all over plugin and strip out any suspect code, and plug vulnerabilities. It shame many people just install plugins on their live sites without doing forensic look at the code. Huge mistake in this age of malware and exploits.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Vulnerabilities fully fixed?’ is closed to new replies.