The free forums are no longer in use. It remains available as read-only archive.
April 26, 2013
The vulnerability has been addressed, we are waiting for the JED team to enable it back. Meanwhile, you can download it from our Downloads page http://www.xcloner.c.....oad/?did=8 .
June 19, 2017
This is the entry at vel.joomla.org_vel-blog_1670-xcloner-backup-and-restore-com-cloner-3-5-2 (with slashes replaced by _):
"Published: 14 June 2015
XCloner Backup and Restore [com_cloner], 3.5.2, probably previous, multiple vulnerabilities"
The latest version at your link is 3.5.2, and when one opens the zip archive, the files are all dated 2014-02-26, which is very long before the vulnerability was listed.
The questions is thus: where are the changes? Also, if all the issues listed by the VEL were fixed, why did you not update them so it can be listed in the VEL resolved list instead? It is such great software, but it's the only one of the extensions I use which fails the VEL test, and savvy clients don't want that (neither do I).