"A critical security vulnerability has been found in LNbank, external plugin v1.9.0. To mitigate, all users using this plugin are urged to update immediately."
"This security vulnerability only affects users using LNbank plugin, if you don't have it enabled ,you're safe and no further actions are needed."
"v1.9.2 will be the last version of LNbank and everyone using the plugin should phase out its usage, especially if you are running this on an instance, which offers public registration for everyone," wrote developer d11n in a blog post.
"v1.9.2 fixes the particular vulnerability and also completely disables the sending functionality. It is an additional security measure to prevent any further loss."
You can read the recap of the first LNbank vulnerability here.