Vanilla 1.1.4
There is a serious vulnerability in Vanilla 1.1.3 and below, allowing remote SQL injection. A security update has been released – upgrading requires just replacing the affected files, as listed on the Vanilla upgrade page.
With exploit code already published this is an urgent mandatory update – don’t delay!