There are many vulnerabilities in W-Agora, which I informed about the developers in August and recently. But they ignored all my letters about vulnerabilities in W-Agora and officially didn't fix these vulnerabilities (which is bad), but also hiddenly fixed some of these holes at their own site (which is also bad - to fix holes hiddenly without thanking people who found them and without informing users of the system about the vulnerabilities and patches for them). So it's better for developers of W-Agora to fix (officially) all these holes. And users of the system can fix these holes manually, if they don't want to wait for official fixes, or if they will not be made.

List of vulnerabilities in W-Agora: