At this rate I'll be looking into rewriting the text parsing code myself and posting it here. I too am somewhat disappointed by the support for a paid for product. The recent security alerts combined with the slow fixes is also worrying.
I take it that all copies of ReviewPost are currently at risk from the published risk that PhotoPost was open to? That I'm not happy about. I'd prefer to at least see full disclosure so that those of us that are PHP savvy could to fix it ourselves.