We just released PayPlans 3.6.3 to address a possible security issue with regards to a vulnerability with IDOR exploits.
In other words, any subscription plans created on PayPlans could be vulnerable to price manipulation. For instance, a user could subscribe to a plan worth $100 plan for as low as $0.01 without being detected.
This bug was discovered in the core file since PayPlans 3.2.x and if your site happens to be running on any version during or after 3.2. It is advisable to download the latest version to rectify this critical issue immediately. The team would also like take the opportunity to thank TechGasp for assisting us with these findings. :)
Should you need any assistance with upgrading to the latest version, please get in touch with us on our forums and our support team will be there to assist you with the update.
For users running on PayPlans 3.5.2
and below, you will first need download
and install PayPlans 3.5.5
on your site. Once that is done, you may then proceed to upgrade to PayPlans 3.6.3
EasySocial 2.1 Beta
On the other hand, we managed to push out EasySocial 2.1 Beta after successfully squashed all reported bugs that came in. We look forward to seeing this feature beast taking the stage real soon. Happy testing! :)