It has come to my attention, thanks to forum user neroz, that there is a small XSS vulnerability in Ditto 2.0.2. Although 2.1 is nearly ready, I will be away for the next 10 days or so and do not wish to release something I will not be able to support. Therefore, I’ve created a patched version of Ditto 2.0.2, which has now been released as 2.0.3
To find out more about the dangers of XSS check out http://www.cgisecurity.com/articles/xss-faq.shtml.
Note: The results per page addon has been patched as well. You can get it from the repository
Thanks for the heads up and RAPID fix!
Off to update.