After successfully reaching the JED last week, our new extension for inserting Youtube, Vimeo and Dailymotion videos into a Joomla! website through the use of a lightbox, allCineVid, was taken down due to a suspected SQL injection flaw.
After looking into the issue, we found that there is an unwarranted condition that can be inserted in the URL string, though we are at the understanding that it is not a major risk because it is limited by the ID condition in the string. Regardless, a fix has been applied and we recommend that users upgrade to the the latest version of the extension.
If you have any questions regarding this extension, please do not hesitate to contact us directly.