I have checked the TOS . I have been testing “live preview” versions and confirming the findings by testing few customer sites – which I’m not disclosing.
I do security testing on behalf of developers and their customers. I don’t have any business interests. If this is considered as “illegal” or hostile in this forum, I don’t have much reasons to hang around and contact developers. But I will keep testing.
I have tried that + email, but there has been no responses. I would not like to publish any issues before fixes are available.
And now it seems my post was marked as inappropriate. What next – ban?
Here is my latest vulnerability test report: http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-four-premium.html
Based on the purchase statistics, over 6,000 sites could be affected