Bukkit

Advanced Portals update 0.5.6
* Fixed packet exploit affecting destinations (only effecting versions 0.5.0 to 0.5.5).

Luckily only destinations were effected, so people were only able to teleport themselves to set destinations forcedly. The fixes will disable advanced features for anyone who doesn't have bungee setup correctly to protect the users not using bungee especially.

It seems that this specific issue is quite widespread so you may want to check any plugins that use bungee packets to trigger features. Thanks to nyxoh for pointing this issue out.

This effects servers both using and not using bungee so everyone should update to avoid this issue. It seems these checks are not carried out on quite a few plugins so be cautious if you have any plugins that communicate with bungee in some way (though I am unsure if bungee will capture it, you may be just at risk if you don't use bungee).

In the future to avoid possibly worse issues than this, more testing will be going on, especially surrounding features that use packets. I feel its better to be open and clear about this rather than quietly brush this under the carpet.