The list includes all themes that mention either Slider Revolution or Showbiz Pro in their item descriptions, even those that are already using patched versions of the plugin. We’re doing this so we cover a range of scenarios such as a buyer purchasing a now-updated theme back when it was still using a vulnerable version.
The list includes all themes that mention either Slider Revolution or Showbiz Pro in their item descriptions, even those that are already using patched versions of the plugin. We’re doing this so we cover a range of scenarios such as a buyer purchasing a now-updated theme back when it was still using a vulnerable version.
Hope that makes sense
This doesn’t make sense when the theme was released after Feb 2014 and has never had a vulnerable version of Revslider anywhere near it though? Seriously, I have multiple themes on the list that shouldn’t be anywhere near either list since they were released well after the patch!
Gotta laugh at the authors clambering to get their theme of the list for fear of it affecting sales and not worrying about their customers who maybe don’t update often and would be unware of any issues , if it were not for the full list, that they are affected. They’d be the kind of authors I’d avoid.
Please note word '‘unsecure’ means a lot, even if theme has secure plugin. How a normal buyer is supposed to understand this, who is even not aware of difference between HTML template and WP theme, which is general support forum and which is item comment section?
Issue is with the word - unsecure. Creating a separate list for themes with revolution updated and with message - buyer need to update this theme will do the work.
Under unsecure - place themes which are not updated.
If buyer ‘old or new’ gets theme name under both:
Themes yet to offer a secure update and … This is the concern for authors
Themes already offering a secure update
what he will understand at first glance?
Regarding worrying about customers updating theme I think author can not do much except pushing update and check option to inform buyer when update is approved.
Oh FFS, why is Envato now emailing the buyers of some of my themes that were never vulnerable, even from version 1 of the theme, as the theme was released with rev slider versions after 4.2, right now you’re costing me support time and weakening my buyer confidence.
I had a few affected themes by this, and I’m glad buyers of those themes are getting emails, that’s awesome, but why the hell are you emailing buyers of themes that are not affected by this!?
EDIT: Oh wait, I know why these buyers are getting emails, it’s because of your lazy list making in the first place. It’s not excusable that because you’re too lazy to actually check the themes in your ‘potentially affected’ list that you’re now emailing my buyers about an issue that never existed in certain themes, your laziness is now costing me time, great.
Oh FFS, why is Envato now emailing the buyers of some of my themes that were never vulnerable, even from version 1 of the theme, as the theme was released with rev slider versions after 4.2, right now you’re costing me support time and weakening my buyer confidence.
I had a few affected themes by this, and I’m glad buyers of those themes are getting emails, that’s awesome, but why the hell are you emailing buyers of themes that are not affected by this!?
EDIT: Oh wait, I know why these buyers are getting emails, it’s because of your lazy list making in the first place. It’s not excusable that because you’re too lazy to actually check the themes in your ‘potentially affected’ list that you’re now emailing my buyers about an issue that never existed in certain themes, your laziness is now costing me time, great.
some harsh words there but the point is that not only is damaging to you as an author but also is damaging to the marketplace.
Staff involved should do their job better when this type of delicate situation happens.
You can’t mix everything together, you actually need to check if that theme had been affected or not then add the theme to the mix.
Logically, if a theme had been uploaded after the date that those plugins had been updated there are great chances that the theme never had a problem and should not be included in the “scary” list.
But it is also true that the authors of themes uploaded after the fixed date may had used a vulnerable version of the plugin while building the theme and never updated even if they got the item on sales months after.
In that case staff should check the old zip archives (if exist) and also contact the author to get more info about what initial version of the plugin they’ve used.
Hi, I have an affected theme and followed the instructions to get Rev Slider 4.6 onto my site. However, it’s not functioning as expected, and a lot of the UI is wonky:
The plugin is not displaying the slides at all. I can’t add new slides to the existing slider nor can I create a new slider. The buttons are just not responsive.
Hi, I have an affected theme and followed the instructions to get Rev Slider 4.6 onto my site. However, it’s not functioning as expected, and a lot of the UI is wonky:
The plugin is not displaying the slides at all. I can’t add new slides to the existing slider nor can I create a new slider. The buttons are just not responsive.
Seems like some css / jQuery conflict. Has nothing to do with the zip you downloaded, but more with your theme and plugins you installed. We will give you some help asap.
I’m not angry, just… we are all loosing money as if current clients are sending support tickets to know why my theme is on the list I can only imagine that new customers are probably chcecking that list too and making a bad decision of NOT buying an item only on a FALSE accusation that the theme has security issues. That said, may I know 2 things dear Envato staff?
First, why my item is STILL (I get why it was there initially when you were throwing everyone in one bag like "using Rev Slider? > to the list") on the list even it had 4.3 for a loooong time?
Secondly, I have updated just now to 4.6 just for the sake of it - how to get off that damn list?
PS. In my opinion if YOU made a mess by putting someones theme on the list when it shouldn’t be there in the first place then you should make someone in the staff responsible for daily updates of that list to clean YOUR mess up.
Themes yet to offer a secure update
Themes already offering a secure update
As those try searching theme name (using search option) hurriedly directly by opening above links in separate window, instead of scrolling may get confused by getting theme name under both (and also do not notice that these are ids on same page not separate pages )
Or is the plan to not use the plugin at all I am seeing mixed messages.
The fix is available since February 2014, and the Plugin is safe to use. We are now at version 4.6.0 and 4.6.1 will be released very soon.
Please always make sure that you use the latest stable version of all your plugins to have the latest bugs fixed, have the most latest features available and to have the best compatibility with your current WP installation.
Or is the plan to not use the plugin at all I am seeing mixed messages.
The fix is available since February 2014, and the Plugin is safe to use. We are now at version 4.6.0 and 4.6.1 will be released very soon.
Please always make sure that you use the latest stable version of all your plugins to have the latest bugs fixed, have the most latest features available and to have the best compatibility with your current WP installation.
Themes yet to offer a secure update
Themes already offering a secure update
As those try searching theme name (using search option) hurriedly directly by opening above links in separate window, instead of scrolling may get confused by getting theme name under both (and also do not notice that these are ids on same page not separate pages )
@tansh separate posts isn’t an option unfortunately, but I’ve italicised the themes already offering a secure update so hopefully that helps distinguish them