Directorist is Back in the WP Plugin Repository 🎉

In recent developments, a critical security issue was discovered in the Directorist plugin by the Wordfence security team. Next, WordFence passed this information to the WordPress and the plugin was then immediately closed from the WP repository. This vulnerability posed a potential risk to the security and integrity of our users’ websites. The specific details of the security issue are being withheld to prevent exploitation by malicious actors. However, the plugin is restored after the removal of 12 days.

Collaboration with Wordfence and the WordPress Team

Upon being notified about the removal of the plugin through email by WordPress, we immediately initiated collaboration with the WordPress Plugin Review Team. This joint effort has allowed us to leverage the expertise and experience of both parties to swiftly address the issue. We are grateful for the invaluable support and guidance provided by Wordfence and the WordPress Team during this process. We appreciate their efforts in promptly notifying us about the issue, allowing us to take immediate action.

Steps Taken to Fix the Security Issue

Our dedicated development team immediately initiated a thorough investigation of the security vulnerability. After identifying the root cause, we implemented comprehensive fixes instantly to address the issue effectively. The latest version of Directorist, which includes the necessary security patch, has been meticulously crafted to eliminate the vulnerability and protect our users’ websites.

Temporary Closure

As a precautionary measure, the Directorist plugin was temporarily closed from the WordPress Plugin Repository by the WordPress Plugin Review Team. They said that the step was taken to prevent any potential exploitation of the vulnerability while we worked on resolving the issue and submitted the fix within the day. We apologize for any inconvenience this may have caused our users and appreciate your patience during this time. We didn’t have much control over the issue since we didn’t get any prior notice to fix it ASAP.

As part of ensuring user safety, the authority from the WordPress plugin repository made the decision to temporarily close the Directorist plugin from the WordPress Plugin Repository. They shared with us that this proactive measure was taken to prevent any further installations of the vulnerable version and to protect our users’ websites from potential attacks. We understand that this may have caused inconvenience, but it was a necessary step to mitigate the risks associated with the security issue.

Fixing the Issue

Our development team swiftly addressed the security vulnerability and released a fix for the Directorist plugin. The necessary updates have been implemented in the latest version (v7.5.5), which has been submitted to the WordPress Plugin Team for review. We are currently awaiting their response to reinstate the plugin in the WordPress Plugin Repository. The good thing is Wordfence already shows the fixing on their official website.

Ensuring user safety and trust during this process

We understand that the security of your website is of utmost importance. While we await the approval of the fixed version in the WordPress Plugin Repository, we are fully committed to ensuring your safety and trust. Therefore, we have established a temporary solution to provide immediate access to the fixed version. This temporary solution is designed to allow you to download and install the updated version directly from our official website, without having to wait for the official repository update.

It’s Done!

Also, we want to emphasize that we are fully committed to resolving the security issue and ensuring the safety of our users’ websites. We will continue to provide regular updates through our official channels, including our website and social media platforms. We appreciate your patience, understanding, and continued support as we work diligently to address this matter and provide a secure experience for all Directorist users.

Don’t Worry…

At Directorist, the security and satisfaction of our users are of paramount importance to us. We want to assure you that we are actively working to address the security vulnerability discovered and are taking all necessary steps to ensure the safety of our users. We appreciate your support and understanding during this process. Rest assured, your website’s security is our top priority, and we will keep you updated on any further developments.

In the case of the WordPress repository version, we submitted the latest version by fixing the issue and this is still in progress. The fix was made within the day it’s closed and we will have to wait for the response from the WordPress official plugin team. Hence, we would love to say – don’t worry about using Directorist as it’s a matter of time reviewing the product and getting things done finally.

We understand that incidents like these can be alarming, but we firmly believe in the ability of the Directorist team to rectify the situation promptly. We appreciate your understanding, patience, and continued support as we navigate through this security concern together. If you have any further questions or concerns, we recommend reaching out to the Directorist support team directly for the most accurate and up-to-date information. They will be more than happy to assist you in any way they can.

Thanks for your attention!