This is a security report, all content was safely copied to internal documents, and removed from the public for safety reasons.
Hello Anthony and Shane, I deleted (trashed) the conversation in the ticket due to security reasons, this is why you will not see the single replies here anymore.
We have all the data that is required and was submitted in the report safely saved on our end and will analyze the issue and eventually adjust what needs to be adjusted with the adequate priority.
Thank you for your patience and understanding.
I appreciate everyone's attention to this issue and trust that it will get handled appropriately.
Have a good day, everyone!
Hello - I'd like to inform, that we (our developers) have taken several measures to address the reported issues.
All adjustments will be released within upcoming releases of the affected plugins. I can't state ETA's about, but it will be in the subsequent released for the plugins related.
There still may be some false alarms left (especially in the embedded Twig library) but these have been reviewed by us (again, the developers 🙂 ) and we didn't see any actual vulnerabilities for those left over.
We also contacted with WPMU DEV Defender and their Developers in turn have made some changes to the code of the plugin to handle alarms (and false alarms) better.
As well there the updates are due within next releases.
Thank you for reporting the issue to us, and for your patience.
We appreciate it and it helps improving the plugins.
