Not so good news for all Android developers, which have hybrid apps in Google Play. Cordova framework, up to 3.5.0 version, has serious security issue. Problem was discovered by David Kaplan and Roee Hay of IBM Security Systems. IBM developers discovered four total problems with Apache Cordova but three of them has medium risk status. However, issue CVE-2014-3500 is a high security risk. In short:
Android applications built with the Cordova framework can be launched through a special intent URL. A specially-crafted URL could cause the Cordova-based application to start up with a different start page than the developer intended, including other HTML content stored on the Android device. This has been the case in all released versions of Cordova up to 3.5.0. Issue has been fixed in release 3.5.1 and later.
So, this situation it is high recommendation for every Android developer to update Cordova framework in their apps as soon as possible. Other platforms supported by Cordova are safe and no need update. If You want learn more about this problem here is a link.