The Social Warfare plugin was the target of a zero-day exploit on March 21, 2019. We notified all paid customers via email as soon as it was discovered and issued a patch/fix to the WordPress repository within a few hours. Please accept our deepest apologies for any inconvenience this has caused.
Fortunately, there were few points of entry, and the type of code attackers could execute is limited to simple JavaScript (such as redirects) or simple PHP (to print information). Further, _if_ malicious code made its way into your database from our plugin, then it is _only_ in the wp_options table within our social_warfare_settings field. Therefore, no log in credentials, no customer or personal data, no sensitive data – nothing should have been compromised.
