Shopp, an e-commerce plugin for WordPress, has just released version 1.1.9.1, a security patch recommended for all users. This release addresses a security vulnerability related to catalog searches. The plugin’s developers discovered the issue when a member of their community reported it to them.
You can read more about the vulnerability and the fix on the Shopp blog, but in short: update if you’re using it on any of your sites.
As one of the first commercial WordPress plugins, I can’t think of another plugin that has had higher expectations and yet, a longer development cycle.
Bummer.