Hi Noah,
Should I follow the same procedure as done in Google Analyticator and post the vulnerability issue here itself?
Thanks & regards,
Nitin Venkatesh
Does this have anything to do with WhytoShy?
I don’t know what WhytoShy is, so probably not…
Hi,
Could I get an acknowledgement please? Is there an email ID I could send my report to?
Thanks & regards,
Nitin Venkatesh
whyToShy seems to be the facebook app whose ID is linked in settings somewhere.
@vasu: Nope, that does not seem to be the issue from my guess.
func.php has the app id harcoded
see: http://prntscr.com/7dqxb3
@vasu: That is definitely not the issue I am referring to in my case.
Hi Plugin Authors,
Could you please acknowledge this thread and is there an email ID I can send the report to?
Nitin
Hi Nitin,
I’m looking at this vulnerability, can you please contact me and clarify what you see?
http://grimmdude.com/contact
Thanks,
-Garrett
Hi Garrett,
Thank you. I have written to you at the specified contact form. Please do get back to me should you require any further information.
Thanks & regards,
Nitin
This vulnerability has been resolved.
-Garrett
Thank you Garrett for the update. As mentioned in the e-mail conversation, a disclosure with the Proof-of-Concept code will be published on Aug 9,2015 (45 days from the day of update release).
Thanks & regards,
Nitin Venkatesh
