Breeze taken off wordpress.org?

I can see that Breeze is not longer on the WordPress repository. Usually, plugins are taken down due to serious security concerns not being addressed?

I would like an explanation of this too. I haven’t been able to find any information in regards as to why it was taken down.

I would do an edit, but I get a 403 error here when I try, so I’ll follow up with a new post. This is what I have found:

https://www.pluginvulnerabilities.com/2019/07/22/our-plugin-security-checker-caught-an-authenticated-open-redirect-vulnerability-in-breeze/

1 Like

It would also be important to note that his vulnerability is no longer valid and is not exploitable in the current version. I just wander if lack of communication from the developers about the issue being resolved is why this got taken down from wordpress.org

I just received notification from Wordfence that…
The Plugin “Breeze” has been removed from wordpress.org

Does anyone have any info on this?

Normally, this is NOT a good sign. Could it be that it is just a transition as I learned that Breeze has been updated and maybe the OLD version is no longer supported but things have not yet updated in wordpress.org? (trying to be optimistic.)

Normally when a plugin is no longer supported by Wordpress.org it means that the plugin has been abandoned and that it is a security risk. This is what is concerning me.

What should we do? I have many sites that have this.

Thank you.

There’s currently a thread about this going on via the Cloudways closed Facebook group.

There’s an official response there which I will copy/paste below. The short story is that it was pulled automatically because the WP plugin repository couldn’t make email contact with the plugin development team (due to emails bouncing I think).

Anyway, here’s the copy/paste:

Update: We received an email from the plugin review team. According to them our emails bounced and they were unable to send us notifications.
It has nothing to do with security or violation of policy. The plugin will be back soon and you can continue using it without any issues.

Update 2: We are awaiting the plugin review team’s action. It seems like no one is available from their end at this hour. They should probably get to us in a few hours and we will have our plugin back online again.

Wow. Thanks for sharing this info!

No worries :slight_smile:

Hi all,

Breeze - WordPress Cache plugin is back online.

There was no security flaw or bad code in the plugin. It was taken down because one of our emails bounced back and Plugin Review team temporarily closed the plugin thinking the author was no longer available.

Upon fixing the email issue the Plugin Review team notified us that a single JS file is being called from an external source that should be fixed and we should use internal JS files.

Fixes didn’t take us time but the turn around time of the review team is slow, considering they are hell busy.

Thankfully everything is back up and operational. Hope you all love the new Breeze version.