@ DP_PN if you tested and its safe thenn you or anybody is free to use this plugin, i got no obligations.
As for LFI i cant detail because many forum will get jacked if i provide poc, but juts telling you it's "traversal sequences method"
if i was you then i would have not used this plugin, not atol. + author is very lazy to respond or to fix sqli so no point informing him new vulnerabilities , dunno
EDIT: dp_pn there is no bug in payment gateway itself, its a bug(vul) in the php code in plugin. dont worry no one can steal your money
1.8.x
MySubscriptions 2.0.1 [Latest]
Submitted by Bitdefender, 07-06-2016, 02:37 PM, Thread ID: 21596
Thread Closed