amuck-landowner

Why I hate proprietary/closed WP plugins

TruvisT

TruvisT

Server Management Specialist
Verified Provider
Wake up to a ticket at 4am for WP help on a shared plan. Spent an hour with the client but never found any documenation nor any install guides. The developers website was a sign-up with an e-mail so we can spam you(as it was a marketing type plugin I can probably assume this as true).

Due to the errors I found. I had to assume it was an issue with WP or PHP version or the plugin never installed correctly.

Anyway, ended up having to refund in the end but at least the left happy wanting to do business again in the future.

Now I need coffee!
 
wlanboy

wlanboy

Content Contributer
Second that.

Got a nice email today:

Code: 
Hello XXX
We’re getting in touch to inform you about a serious vulnerability in a 
WordPress plugin you purchased as part of an Envato bundle. 
The affected bundle and plugin are:

    The Envato Mobile Bundle
        Slider Revolution Responsive WordPress Plugin

This vulnerability allows attackers to access the servers of all sites 
using plugin versions earlier than version 4.2 (released in February 2014). 
As a result, we recommend you take the following steps to secure your sites and/or themes immediately:

    Make a backup of your site
    While logged in, visit the item page for the plugin: Slider Revolution
    Download the item by clicking on the “Download free update” button
    Locate the downloaded zip file on your computer and unzip it
    Connect to your server using an FTP client and go to the wp-content/plugins/ folder
    Upload the revslider folder to the wp-content/plugins/ folder, overwriting the existing files
    Log into WordPress and go to the Plugins page
    Locate the updated plugin in the list and confirm the version is secure
    Update your server password following password best practices.

If you used this plugin in projects for clients, please help them to secure their sites as well.

We take security very seriously at Envato and would like to apologize to everyone affected. 
More information about the situation and how we are handling it is available in our official announcement.

Thank you for your cooperation and support.
The Envato Team
 
Last edited by a moderator:
You must log in or register to reply here.
Top
amuck-landowner