Important: Serious Vulnerability in Revolution Slider & Showbiz Pro (WordPress) Plugins

Hello again,

The list includes all themes that mention either Slider Revolution or Showbiz Pro in their item descriptions, even those that are already using patched versions of the plugin. We’re doing this so we cover a range of scenarios such as a buyer purchasing a now-updated theme back when it was still using a vulnerable version.

Hope that makes sense :)

natman said

Hello again,

The list includes all themes that mention either Slider Revolution or Showbiz Pro in their item descriptions, even those that are already using patched versions of the plugin. We’re doing this so we cover a range of scenarios such as a buyer purchasing a now-updated theme back when it was still using a vulnerable version.

Hope that makes sense :)

This doesn’t make sense when the theme was released after Feb 2014 and has never had a vulnerable version of Revslider anywhere near it though? Seriously, I have multiple themes on the list that shouldn’t be anywhere near either list since they were released well after the patch!

thepainterman said

Gotta laugh at the authors clamouring to get their theme off the list for fear of it affecting sales and not worrying about their customers who maybe don’t update often and would be unaware of any issues, if it were not for the full list, that they are affected. They’d be the kind of authors I’d avoid.

Please note the word ‘unsecure’ means a lot, even if the theme has the secure plugin. How is a normal buyer supposed to understand this, who is not even aware of the difference between an HTML template and a WP theme, or which is the general support forum and which is the item comment section?

The issue is with the word ‘unsecure’. Creating a separate list for themes with Revolution updated, with the message ‘buyer needs to update this theme’, will do the job.

Under unsecure, place themes which are not updated.

If a buyer, old or new, gets a theme name under both:

Themes yet to offer a secure update and … This is the concern for authors

Themes already offering a secure update

what will he understand at first glance?

Regarding worrying about customers updating the theme, I think the author cannot do much except push an update and check the option to inform buyers when the update is approved.

Holy crap, this was announced 6 days ago, and I only got an email NOW about this? C’mon Envato, you guys can do better than this.

Thanks for the email Envato! Even with all the forum posts I actually didn’t realise I had purchased a vulnerable theme until receiving that email.

I have just re-downloaded the theme and patched the customers website with the updated plugin version.

(also scanned through the access log for any attempts to exploit it, all good no issues there) :)

Cheers!

warned them about this exactly 1 year ago, got ignored…

TOLD YOU SO!

Oh FFS, why is Envato now emailing the buyers of some of my themes that were never vulnerable, even from version 1 of the theme, as the theme was released with rev slider versions after 4.2, right now you’re costing me support time and weakening my buyer confidence.

I had a few affected themes by this, and I’m glad buyers of those themes are getting emails, that’s awesome, but why the hell are you emailing buyers of themes that are not affected by this!?

EDIT: Oh wait, I know why these buyers are getting emails, it’s because of your lazy list making in the first place. It’s not excusable that because you’re too lazy to actually check the themes in your ‘potentially affected’ list that you’re now emailing my buyers about an issue that never existed in certain themes, your laziness is now costing me time, great.

tommusrhodus said

Oh FFS, why is Envato now emailing the buyers of some of my themes that were never vulnerable, even from version 1 of the theme, as the theme was released with rev slider versions after 4.2, right now you’re costing me support time and weakening my buyer confidence.

I had a few affected themes by this, and I’m glad buyers of those themes are getting emails, that’s awesome, but why the hell are you emailing buyers of themes that are not affected by this!?

EDIT: Oh wait, I know why these buyers are getting emails, it’s because of your lazy list making in the first place. It’s not excusable that because you’re too lazy to actually check the themes in your ‘potentially affected’ list that you’re now emailing my buyers about an issue that never existed in certain themes, your laziness is now costing me time, great.

Some harsh words there, but the point is that this is not only damaging to you as an author but also damaging to the marketplace.

Staff involved should do their job better when this type of delicate situation happens.

You can’t mix everything together; you actually need to check whether that theme has been affected or not, and then add the theme to the mix.

Logically, if a theme was uploaded after the date those plugins were updated, there is a good chance that the theme never had a problem and should not be included in the “scary” list.

But it is also true that the authors of themes uploaded after the fix date may have used a vulnerable version of the plugin while building the theme and never updated it, even if they got the item on sale months after.

In that case staff should check the old zip archives (if they exist) and also contact the author to get more info about what initial version of the plugin they used.

doru said

some harsh words there

Yeah, sorry, should have given it 10mins or so just to cool down :)

Hi, I have an affected theme and followed the instructions to get Rev Slider 4.6 onto my site. However, it’s not functioning as expected, and a lot of the UI is wonky:
The plugin is not displaying the slides at all. I can’t add new slides to the existing slider nor can I create a new slider. The buttons are just not responsive.

Where can I get a proper ZIP of v4.6?

ronibrunn said

Hi, I have an affected theme and followed the instructions to get Rev Slider 4.6 onto my site. However, it’s not functioning as expected, and a lot of the UI is wonky:
The plugin is not displaying the slides at all. I can’t add new slides to the existing slider nor can I create a new slider. The buttons are just not responsive.

Where can I get a proper ZIP of v4.6?

Please submit a ticket at our Support Portal or an email via our Profile page.

Seems like some CSS / jQuery conflict. It has nothing to do with the zip you downloaded, but more with your theme and the plugins you installed. We will give you some help asap.

Thanks a lot,

ThemePunch

I’m not angry, just… we are all losing money, as if current clients are sending support tickets to know why my theme is on the list, I can only imagine that new customers are probably checking that list too and making a bad decision of NOT buying an item only on a FALSE accusation that the theme has security issues. That said, may I know 2 things, dear Envato staff?

  • First, why is my item STILL on the list (I get why it was there initially when you were throwing everyone in one bag like "using Rev Slider? > to the list") even though it had 4.3 for a loooong time?
  • Secondly, I have updated just now to 4.6 just for the sake of it - how do I get off that damn list?

PS. In my opinion, if YOU made a mess by putting someone’s theme on the list when it shouldn’t be there in the first place, then you should make someone in the staff responsible for daily updates of that list to clean YOUR mess up.

UPDATE: 16 hours later… still no answer… still on the list… still losing clients… all because someone is too lazy to fix their damn error.

RafalBorowski said

UPDATE: 16 hours later… still no answer… still on the list… still losing clients… all because someone is too lazy to fix their damn error.

Your theme is under the secure themes list since at least yesterday when I checked :)

@natman

Can you consider creating separate posts for:

Themes yet to offer a secure update
Themes already offering a secure update

As those who hurriedly try searching for a theme name (using the search option) directly by opening the above links in a separate window, instead of scrolling, may get confused by getting the theme name under both (and also not notice that these are ids on the same page, not separate pages).

http://marketblog.envato.com/general/affected-themes/#unsecure

http://marketblog.envato.com/general/affected-themes/#secure

Ignore if I was the only dumb one :)

tansh said

@natman

Ignore if I was the only dumb one :)

Nope.. you were not the only one :/

Is the actual fix to update the plugin?

Or is the plan to not use the plugin at all? I am seeing mixed messages.

ssystems said

Is the actual fix to update the plugin?

Or is the plan to not use the plugin at all? I am seeing mixed messages.

The fix is available since February 2014, and the Plugin is safe to use. We are now at version 4.6.0 and 4.6.1 will be released very soon.

Please always make sure that you use the latest stable version of all your plugins to have the latest bugs fixed, have the latest features available and to have the best compatibility with your current WP installation.

Thanks a lot,

ThemePunch

themepunch said
ssystems said

Is the actual fix to update the plugin?

Or is the plan to not use the plugin at all? I am seeing mixed messages.

The fix is available since February 2014, and the Plugin is safe to use. We are now at version 4.6.0 and 4.6.1 will be released very soon.

Please always make sure that you use the latest stable version of all your plugins to have the latest bugs fixed, have the latest features available and to have the best compatibility with your current WP installation.

Thanks a lot,

ThemePunch

Thanks for your help!

tansh said

@natman

Can you consider creating separate posts for:

Themes yet to offer a secure update
Themes already offering a secure update

As those who hurriedly try searching for a theme name (using the search option) directly by opening the above links in a separate window, instead of scrolling, may get confused by getting the theme name under both (and also not notice that these are ids on the same page, not separate pages).

http://marketblog.envato.com/general/affected-themes/#unsecure

http://marketblog.envato.com/general/affected-themes/#secure

Ignore if I was the only dumb one :)

@tansh separate posts isn’t an option unfortunately, but I’ve italicised the themes already offering a secure update so hopefully that helps distinguish them :)