I found hidden backdoor in codecanyon item


I found 2 hidden backdoor in a codecanyon Script. Which is hidden in image file. I have purchased the script for 125$.

What should i do now?


Follow this link please:

I am not asking about Envato vulnerability, i am asking about author script. A author sell php script via codecanyon and in the php script author intentionally or not embedded a backdoor in his selling script.

Just inform the author and request an update.


The reply from @123Simples is correct. Please use the Vulnerability Disclosure contact form to report this. I’ll link it below for you.

This form should be used to report vulnerabilities in items as well, otherwise Envato cannot perform their disclosure responsibilities to other buyers.

Thank you. I understand