While we were busy working on some new features to be added into Convert Pro, we came across a vulnerability issue in the existing plugin that we fixed.
This marks the release of Convert Pro version 1.3.6 and the Convert Pro Addon version 1.2.0 today!
It is highly recommended that you update Convert Pro and the Convert Pro Addon to the latest version now!
Let us take a quick look at what exactly happened –
One of our existing users, Dany Bach informed us about a vulnerability issue that he came across while using one of our products.
We took immediate action and worked along with him to fix it in a few hours. This update is a resultant of the successful elimination of the vulnerability issue.
We haven’t heard of any website or server being affected with this as of now.
What are we doing about this?
As mentioned above, we’ve added a vulnerability fix in the most recent versions of Convert Pro and the Convert Pro Addon – version 1.3.6 and 1.2.0 respectively.
We have checked for the nonce, sanitized input fields and replaced unserialized functions with json_dcode functions that make it secure and prevent any such security breach in the future. Apart from this, we are also taking the following actions –
- Released an immediate automatic update with a notification in the WordPress dashboard.
- Informing all the Convert Pro users
- Taking all precautionary measures and are actively working with security experts to ensure no other vulnerability is present in Convert Pro and all the other products.
Immediate Action Required!
Since this is a security update, we do not want any of our users to risk their server information. Therefore, it is highly recommended that you update Convert Pro to version 1.3.6 and the Convert Pro Addon to version 1.2.0 so that you can sit back and relax! 🙂
While we sincerely apologize for the inconvenience caused, we assure you that this incident has made our team’s commitment to providing quality along with security even stronger. We are constantly working to make sure our products are secure and reliable.
If you have any questions or concerns about the incident, please feel free to get in touch with us at support[at]bsf[dot]io.