Just for clarification as the external tester, I had only looked at the latest version of this product. This was not a thorough test (I was only looking for deserialization issues and I found other issues on the way), and similar to any other products, more issues might exist elsewhere. SmarterTools was very quick in addressing the issues, and they are also going to improve how their application uses .NET remoting in the future to mitigate risks of local privilege escalation attacks.
I just had a quick look at free version of 14.7 to see what features are available without performing any tests. It seems CVE-2019-7214 (exploit via port 17001) and CVE-2019-7211 (XSS) might be applicable. This might suggest that these two issues exist at least since version 14.7 (I did not look at the previous versions as they were too old). Restrict remote access to port 17001 only to trusted IP addresses to mitigate risk of attacks (it should be blocked by the default settings of a Windows Firewall). As mentioned in our original recommendation: "due to the simplicity of finding and exploiting the Deserialization of Untrusted Data issue (CVE-2019-7214), it is recommended to review the server logs and activities to ensure it has not been compromised by attackers in the past".
I could not find "folder move" and download using an encrypted string functionalities in version 14.7. That said, this was just a quick look and other directory traversal or encryption issues might still exist.
Unfortunately, I do not have the capacity to look at other features or versions as this is a very time consuming process especially without having access to the source code and its history.