Following a security audit after the recent security issues found the core Lifetype code, the development team found several critical security issues in the templateeditor plugin.
These issues are considered critical and they could allow an attacker to reveal the content of sensitive files. This security issue affects all versions of Lifetype with the 'templateeditor' plugin installed, up to Lifetype 1.1.6 and Lifetype 1.2-beta2.
A mandatory update for this plugin is available for Lifetype 1.1.x here:
If you are already running Lifetype 1.2-beta2, the fixes have already been merged and are available as part of the nightly plugins snapshot from our Subversion repository:
Despite these latest security issues, security is a top priority for the development team and the internal security audit will continue.