In this post, I’m going to present to you my review on Pabbly Connect.
This review helps you also to get an idea about their other products like Pabbly Email Marketing and Pabbly Subscriptions.
Pabbly Connect is one of the most hyped-up Zapier alternatives in the market well known for its inverted-Beats audio green logo.
It is from the same team behind products like Pabbly Email Marketing and Pabbly Subscriptions.
They are popular for running lifetime deals in their group that goes around “Pabbly LTD deals”.
If you are not familiar with what Pabbly Connect does, it helps you integrate various apps and automate your workflows.
I came across this tool in their group and also by seeing their affiliates promoting it big time, trolling other competing products.
So I decided to give it a try.
I almost started to move my entire automation workflows out of Zapier and Integromat to Pabbly Connect.
Glad I did not entirely migrate and plugged out to change all my credentials.
Pabbly has been accused of poor security measures. Early in 2020, they saw a big breach of user data – 51.2 Million Records were leaked online.
As per the discovery made by Jeremiah Fowler, here are his conclusions:
Database of the user data publicly available? Internal logs available on the free internet?
In spite of this, neither they seem to have thanked the bug spotter nor did they inform the users about the breach as part of their SOP.
If you search online, there are dozens of reports on the same.
They seem to have even have not fixed the issues according to many sources.
As of writing this post there still seems to be an issue.
They have integrations with 250+ apps as of writing this review. But the integrations are very shallow and put forward in a hurry to inflate the number to boost their lifetime deal sales.
They even advertise the apps like Notion, which isn’t even integrate-able and they don’t have integration with it as they don’t have an API (as of writing publishing this post).
Added to this, to give a sense of security to the users, they posted falsely that they’ve partnered up with 250+ apps for transmission of secure data.
Pabbly Connect helps you connect all your apps and lets them communicate with each other. So, data security is critical.
Pabbly Connect is their new product, but they seem to be committing the same mistakes.
They seem to be transmitting important credentials in plain text.
Along with this they also have XSS vulnerabilities as you saw in one of the above screenshots.
It is even demonstrated in the community that they have XSS vulnerability.
The co-founders – Neeraj Agarwal and Pankaj Agarwal deal with all the support issues on Facebook.
When this news started to surface all over the community, they rolled out the update.
FYI, Neeraj is one of the co-founders of Pabbly
They said the update rolled out in 15 minutes.
And later, it came to notice that it was just a frontend update. They hid the fact that they are transmitting credentials in plain text.
Later, I posted my concern in the group about this, it was deleted.
Later as I started to share among the rest of the community regarding this, they evaded the questions.
They evaded the questions even after repeated queries.
The co-founders and their affiliates started to attack me personally too.
In spite of a lot of pressure from the users to inform the customers about the breaches, they didn’t email their customers.
They just repeated what they did with Pabbly Email Marketing breach in early-2020 – with the very same vulnerabilities.
They seem to have gotten away as they are from a place where strict data regulations are not there unlike the EU or US.
But especially if you are serving clients there with their agency plans, beware!
Apps like Zapier need to take the privacy of their user’s data seriously.
Because these automation apps potentially have all the data and credentials of your entire online business.
Especially, with these kinds of apps, if you are dealing with high-stake client-related data as an agency, you’ll end up in a lot of trouble.
Having bugs and unintentional breaches are completely acceptable as long as they are communicated properly to the customers – so that you can stay transparent with your clients.
It’s just my honest review about Pabbly Connect. If you find any misleading information here, you can contact us.