WPbuy 團購論壇

 找回密碼
 立即註冊

[通知] Elegant Themes 安全性升級通知

[複製鏈接]
yungkeli 發表於 2018-10-31 12:15:47 | 顯示全部樓層 |閱讀模式
Professional DNS
2018/10/31 收到 Elegant Themes 的郵件通知,Divi、Extra 佈景主題與 Divi Builder 外掛有安全性問題需要升級。

主要問題影響,是在非管理員的使用者可以透過 Divi Builder 來使用原本只限於管理員使用的 HTML 語法。

請 VIP 會員盡速升級到最新版本。

詳細內容:

Elegant Themes Security Update

Today our Divi, Extra and Divi Builder products were updated to improve overall security and to fix security issues identified by our team and an independent security researcher during a scheduled internal code audit. Updating these products to their latest versions will apply the patch, keeping your website secure.

The Problem

A privilege escalation vulnerability was discovered that could allow low level users, such as Authors, to use unfiltered HTML inside of post content when using the Divi Builder. Using such code in posts is typically reserved for admins.

Are You Affected?

The problems identified affect all websites using the Divi theme, Extra theme or the Divi Builder plugin. Specifically it affects these websites that also have open user registration or low level post authors.

How To Fix It

Updating your themes and plugins will patch the bugs and improve the security of your website. You can update your themes or plugin from within your WordPress dashboard, or you can download the latest versions from the members area and update them manually.

Has Your Account Expired?

We are making these updates available for free to all expired accounts. Even if your account has expired, you can still update your themes or plugins to their latest versions via your WordPress dashboard. Expired accounts will not be restricted from updating.
請會員多利用「廣播」功能,查詢最新佈景和外掛動態   
您需要登錄後才可以回帖 登錄 | 立即註冊

本版積分規則

服務信箱|推廣註冊|手機版|WPbuy 團購論壇 |網站地圖

GMT+8, 2018-11-15 15:57 , Processed in 0.011335 second(s), 9 queries , Redis On.

Powered by Discuz! X3.4

© 2001-2017 Comsenz Inc.

快速回復 返回頂部 返回列表