In last couple hours we’ve released patch for HostBill versions 4.x available from auto-update plugin and to download directly from:
For manual patch apply please extract archive contents in main HostBill dir.
We strongly recommend upgrading to latest HostBill version (4.6.4 – archive also contains patched files)
We’ve been notified about brute-force attack possible to be performed by logged in customers into other client’s accounts.
Patch was introduced immediately for auto-upgrade feature