Security Concern – TapaTalk

  • If you’re site is using TapaTalk, update now! There was a security flaw found in TapaTalk and they decided NOT to inform anyone or advise anyone to update their files.

    I did not find out until today, when I just happen to scroll over and found a post about it.

    They even publicly admit to patching it silently, but NOT issuing a release or any notice telling people they should replace their files (because they did not even bother changing the version number either).

    So I can only imagine how many sites are using the other copy without knowing they have a problem. This is completely irresponsible.

    Hi,

    This issue has been addressed in April 26th, 9 days before this site published the issue. However, since this is a low risk item – we have simply replaced all the plugins that are affected. If this is concerning you and If you have updated the plugin after April 26th, you are not affected.

    Source:

Viewing 3 replies - 1 through 3 (of 3 total)

  • If you are referring to https://www.ads-software.com/plugins/tapatalk/ please contact plugins [at] wordpress [dot] org with all of the relevant details.

    Thread Starter Socially Uncensored

    (@socially-uncensored)

    @esmi I am indeed referring to the TapaTalk plugin. I suspect WordPress will not do much about it except to maybe confirm, but which the problem is; is TapaTalk knows, but does not want to make a public announcement, even with a fix being out (their own words, that I quoted and provided source).

    Thread Starter Socially Uncensored

    (@socially-uncensored)

    That is what is odd… They patched it and have the fix, but did not tell anyone to apply the fix.

    So if you’re using v 1.01 since it was release, they re-released 1.01 without saying a word. Meaning if you were early to adapt, you now have an unsecure copy.

    That is really messed up in my opinion.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Security Concern – TapaTalk’ is closed to new replies.