Here is my latest vulnerability test report: http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-four-premium.html
Based on the purchase statistics, over 6,000 sites could be affected
contact the authors from their profile pages
I have tried that + email, but there has been no responses. I would not like to publish any issues before fixes are available.
And now it seems my post was marked as inappropriate. What next – ban?
I have tried that + email, but there has been no responses. I would not like to publish any issues before fixes are available. And now it seems my post was marked as inappropriate. What next – ban?
probably because you don’t have any “purchase” badge, so you are officially admitting the use of illegal products of themeforest… unless you need to log with another account, that you probably used to purchase the file.
I have checked the TOS . I have been testing “live preview” versions and confirming the findings by testing few customer sites – which I’m not disclosing.
I do security testing on behalf of developers and their customers. I don’t have any business interests. If this is considered as “illegal” or hostile in this forum, I don’t have much reasons to hang around and contact developers. But I will keep testing.
Hey jannefi, thanks for reporting these issues. Unfortunately our forum rules doesn’t allow calling out specific items or authors on the marketplaces.
I’d be more than interested to check those themes but you need to contact Envato Support, we’ll check those items and take actions if necessary.
Thanks for understanding. Locking this one for the aforementioned reasons.
- Please read our community guidelines. Self promotion and discussion of piracy is not allowed.
- Open a support ticket if you would like specific help with your account, deposits or purchases.
- Item Support by authors is optional and may vary. Please see the Support tab on each item page.
Most of all, enjoy your time here. Thank you for being a valued Envato community member.