Security Flaw - TapaTalk
If you're site is using TapaTalk, update now! There was a security flaw found in TapaTalk and they decided NOT to inform anyone or advise anyone to update their files.
I did not find out until today, when I just happen to scroll over and found a post about it.
They even publicly admit to patching it silently, but NOT issuing a release or any notice telling people they should replace their files (because they did not even bother changing the version number either).
So I can only imagine how many sites are using the other copy without knowing they have a problem. This is completely irresponsible. :#
**Direct Quote:
" ** _ Hi,
This issue has been addressed in April 26th, 9 days before this site published the issue. However, since this is a low risk item - we have simply replaced all the plugins that are affected. If this is concerning you and If you have updated the plugin after April 26th, you are not affected. _ "
:End Quote
Source: https://support.tapatalk.com/threads/tapatalk-cross-site-scripting-vulnerability.24719/