By Paul on Dec 26, 2015 at 4:06 AM
Today's releases of all 4 supported WSN series include a security update for a potential SQL injection in the RSS feed. The vulnerability may allow access to information the attacker shouldn't be able to see. As far as I can see it doesn't allow data alterations or user privledge escalation or anything like that, but updating is strongly advised.
As you may know, the 8.0 series has been scheduled to be discountinued at the end of the year. I've decided to extend that so 8.0 continues to get security fixes until at least Febuary 15th 2016. I'll provide access to 9.0 to everyone by January 15th to ensure that even those who don't pay upgrade fees have a chance to update their sites before security updates on their old version cease. I'll send an email to those accounts when I update their access.