Home / Forums / DynamiX Support / vulnerable version of the plugin(Visual Composer

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts

  • Frank Weber
    Participant

    Hi,

    a few minutes ago I got this message from my backup plugin Partner:

    Hi,

    The following of your sites have a vulnerable version of the plugin(Visual Composer: Page Builder for WordPress) installed. Multiple XSS security vulnerabilities in the Visual Composer WordPress plugin versions prior to 4.7.4 (releases prior to October 2, 2015). Please update the plugin at earliest to its latest version to fix the issue. Even if the plugin is not active we feel that you should update the plugin.

    What does this mean. Have I a problem with the actual version of DynamiX? Please help.

    Thanks and best regards Frank Weber from Germany (sorry for the english)


    Patrick Morgan
    Participant

    Got the same message

    Not trusting it…the VC update log at Envato does not have any new updates…

    Not till I hear from somewhere else anyway.

    Patrick

    Andy
    Andy
    Keymaster

    Hi Guys,

    It is genuine, but please wait until the next version of the theme to update this ( 5.0.4 ), there is an issue I need to address with 4.7.4.


    Patrick Morgan
    Participant

    Sorry – Updated to 5.0.3 yesterday

    Got php errors about Styled Boxes not working – right pain in the ass…

    Took my site down for a few hours while I found the issue

    Patrick

    Andy
    Andy
    Keymaster

    Hi Patrick,

    I’m currently uploading the next version. But you can fix this yourself now if you wish: http://acoda.com/forums/topic/errors-blank-pages-with-5-0-3/

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.