Update CAC Featured Content Plugin on WP Repo
Per the email sent from WP on 9/26 "Security issue with your wordpress.org plugin"
Your plugin is bundled with a vulnerable version of TimThumb. We have reason to believe that your plugin is being actively exploited on sites.
Please update the plugin immediately with the latest version of TimThumb, or remove TimThumb, and release a new version of the plugin.
The latest version of TimThumb is http://code.google.com/p/timthumb/source/browse/trunk/timthumb.php.When releasing a security update, we want users to be as comfortable as possible. To encourage them to update, we suggest:
- Don’t bundle new enhancements or features in your version.
- Update the minor version, for example 2.1.7 to 2.1.8, rather than 2.1.7 to 3.0.
- Include an “Update Notice” in the readme.txt file, informing them their site may be insecure and they need to update immediately. See http://wordpress.org/extend/plugins/about/readme.txt.