Extension Updates! EasyBlog 5.3 Released! Tons of new exciting features and improvements... 馃寪 鉂わ笍 馃帀

EasyDiscuss ver 3.1.8872 Critical Security Download

EasyDiscuss ver 3.1.8872 Critical Security Download

ed-security-2.jpgWe would like to make an important announcement to all users of EasyDiscuss. We received a report from a user that there is a minor vulnerability in EasyDiscuss. If you are using version 3.1.8872 and below, you are urged to download the latest version now and re-install it in your sites. For web developers, you also need to help your clients' sites to be updated with this latest version.

EasyDiscuss version 3.1.8872 is already reinforced with the fixes and you are already safe from any potential hacks. Login to your Dashboard now and download EasyDiscuss and install it over your existing copy.

We would like to also urge anyone who downloaded EasyDiscuss other than from StackIdeas.com itself to be aware of this vulnerability especially if you installed it in your clients' sites.

You can make a change now and download a valid license of EasyDiscuss for peace of mind. 



Comments (11)

This is frustrating. I have a paid version of all your products and i did not receive any email about this update.
Atleast notify your paid users via email that you have this critical issue. You guys are always very active sending offers and promotion but never receive an email about this that matters most.

If i did not check your site today for documentation i will not see this news.

Hi Johan,

Thank you for your feedback. Yes, we've missed that out about telling our users about this critical download. We are already queing a blast to all our users about this important message. Thank you for your support!

Comment was last edited about 5 years ago by Andrew Rogers Andrew Rogers

I am agree with Johan.
Other paid extensions by others developer always notice about security update via newsletter (eg anything-digital, jomsocial).

Monthon, yep agreed. This was our bad and we thought we wanted to notify users quickly through the blogs first. Lesson learnt! Newsletter first then blog post :)

P/S: We have already sent a newsletter.

hey guys, i think you should provide a quick patch for all user to fix that critical security issue! my subscription is expired and i can't use at the moment your offer for renewal. so what shall i do now? you have my emailadress..please send me patch files to fix that problem on my 3.1.8683 Version!

Rene, we'll be uploading the file in the forums instead

I am having difficulty finding information on exactly what the vulnerability is and what the fix was. I have tried to diff the downloads for 3.1.8872 and 3.1.8683 but there is a significant number of changes in a lot of minified js files and I am guessing not all of them are fixing the vulnerability. Is this information online somewhere and I have just missed it?

(In my case I have made modifications to EasyDiscuss and I will need to manually patch the vulnerability.)


Hello Katryn,

We have recently posted a patch here http://stackideas.com/forums/security-patch-download-easydiscuss-3-1-8872 Please download the file attached in this forum post for the security patch Hope this helps. :)


Guys, please head on to http://stackideas.com/forums/security-patch-download-easydiscuss-3-1-8872 and download the patch file.

Unable to download the attachment, can you upload the fix here or if possible mail it across . thnx

It works now on the url given ! thnx

There are no comments posted here yet