As you may know, yesterday we learned about a serious vulnerability in two popular WordPress plugins available for sale on CodeCanyon: Revolution Slider and Showbiz Pro (WordPress).
This vulnerability allows remote attackers to access the servers of all sites using early versions of these plugins. We expect numerous websites to potentially be at risk and are moving to help buyers secure their sites immediately.
Please read the official announcement on the Market Blog for:
- Detailed information such as versions affected
- Advice for concerned buyers
- A list of all themes that reference either Revolution Slider or Showbiz Pro in their item description as well as bundles that included the themes or plugins
We take security very seriously at Envato and would like to apologize to all buyers affected by this incident. We are reviewing our communication systems to make sure we find out and alert buyers faster in future.