• Got an email yesterday from Ipstenu that she removed the CM Download Manager https://ww.wp.xz.cn/plugins/cm-download-manager/ because of an exploit:
    “Your plugin has had to be temporarily withdrawn from the WordPress plugin repository due to an exploit.”

    The exploit was solved three days ago, and the researcher who found the exploit already published this as a fixed issue: http://www.openwall.com/lists/oss-security/2014/12/02/4

    At the time the plugin was removed, the fix had been on the repository for more than 24 hours and the changelog showed this.

    Please return the plugin; by taking the plugin off, most users can’t update the plugin. Also, there is no reason to take it off since it was fixed and the exploit was closed.

    I think ww.wp.xz.cn should have a better procedure to handle cases like this. In this case, before taking it off you should have contacted us (the developer) or at least looked at the change log to see if we already answered the exploit.

    By removing it, the harm is bigger since the fixed version can no longer be reached.

    Please let me know who can be contacted to return the plugin to the repository.

The topic ‘Plugin Removed’ is closed to new replies.