1. Jeffro,

    I can confirm that this issue has been patched.

    If WooThemes users are looking to patch their WooFramework during our unfortunate current downtime, we have a process that takes a few quick steps to patch the code.

    Our ninjas are on hand to assist in applying this patch as well. To get in touch with us during our downtime, please e-mail techsupport [at] woothemes.com.

    Our sincerest apologies for the inconvenience caused here.

  2. Here is their status: http://wpengine.wordpress.com/

    Very tough for the guys at Woo. I do agree with Jason a bit. I didn’t agree with the method but the way the update was announced was not right either.

  3. Woo themes have definitely dropped the ball here. When programming, making sure that authentication is working appropriately is the most basic form of security testing and they didn’t do a very good job it would seem.

  4. @Stephen. I am not sure why these guys are targeted though. I think where Woo Themes dropped the ball was when they decided to just not make a big deal out of the update. They treated it as if it was a small update which it was not.

    I like the guys at Woo. Let’s hope they pay more attention to security in the future. And let’s hope the folks targeting them with DDoS attacks get a life.

  5. Steve Bank

    “let’s hope the folks targeting them with DDoS attacks get a life”

    In the last 4 months we’ve had 3 ddos attacks against WordPress people who don’t align with Matt’s vision. The horse has bolted. Condemning the horse and not the people who opened the door is not going to help anyone

Comments are closed.