We do apologise for this security issue and all hacked sites.
We have learned the lesson! As with all modules and themes it is very important that you are always on the latest version to avoid any security threats or other bugs. Security issue was fixed within hours.
It was available as update on themeforest on 15 June 2016. It is essential that all your modules, Prestashop and servers are always updated with the latest release or at least track development process of used software.
Update notifications were sent by themeforest to all customers. I also sent my personal newsletter to all the e-mails I had in my support system database.
Information about hotfix + guide can be found here