Today we discovered that someone had used an exploit in a third party plugin on the Tapatalk support forums,
Absolutely - if this is a common 3rd party XF add-on, then we all need to know!!which one?
They specifically said 3rd party - so if it turned out to be their own, that would make they complete liars and not just bad to business, but utter disastrous!Knowing Tapatalk, it probably was their own add-on that had the exploit [...]
... The code was located in such a way that any entry of a password would have been logged. I will pass the code to the Xenforo developers so that it can be looked at for a clearer picture of what happened.
FYI ... if you disable the TapaTalk plugin, users are still able to access the site using TT app, even 6+ hours later and seeing new posts.
just rename /mobiquo
Thanks, done that (rename) ... my post was to share info with others, in case they too think that disabling the add-on should mean it's not functional anymore.Why just disable it? Uninstalling it and deleting all the files seems to be the smart choice.
FYI ... https://xenforo.com/community/threa...scloses-emails-and-passwords-but-which.88906/I didn't see it posted here yet
1. Optimized in-app registration for smoother and safer information transaction.
2. Added 'Automatic approval for users registered from Tapatalk' option in forum admin CP.
3. Support for auto-set forum API key.
4. Enhanced security of code.
No more or less than it ever has been. Its up to you. Either your users want it and you want to provide it or you don't. Haven't had any issues with it that wasn't experienced on VB.Anyone confirm is Tapatalk plug in is secure / should I use it? I only migrated to Xenforo on Saturday and my users are crying out to replace the old vbulletin mobile apps.
No more or less than it ever has been. Its up to you. Either your users want it and you want to provide it or you don't. Haven't had any issues with it that wasn't experienced on VB.
We use essential cookies to make this site work, and optional cookies to enhance your experience.