vulnerable version of the plugin(Visual Composer

Viewing 5 posts - 1 through 5 (of 5 total)

Author

Posts
October 9, 2015 at 6:47 pm #84701

Frank Weber
Participant

Hi,

a few minutes ago I got this message from my backup plugin Partner:

Hi,

The following of your sites have a vulnerable version of the plugin(Visual Composer: Page Builder for WordPress) installed. Multiple XSS security vulnerabilities in the Visual Composer WordPress plugin versions prior to 4.7.4 (releases prior to October 2, 2015). Please update the plugin at earliest to its latest version to fix the issue. Even if the plugin is not active we feel that you should update the plugin.

What does this mean. Have I a problem with the actual version of DynamiX? Please help.

Thanks and best regards Frank Weber from Germany (sorry for the english)

October 10, 2015 at 10:03 am #84708

Patrick Morgan
Participant

Got the same message

Not trusting it…the VC update log at Envato does not have any new updates…

Not till I hear from somewhere else anyway.

Patrick

October 12, 2015 at 2:57 pm #84777

Andy
Keymaster

Hi Guys,

It is genuine, but please wait until the next version of the theme to update this ( 5.0.4 ), there is an issue I need to address with 4.7.4.

October 12, 2015 at 3:03 pm #84783

Patrick Morgan
Participant

Sorry – Updated to 5.0.3 yesterday

Got php errors about Styled Boxes not working – right pain in the ass…

Took my site down for a few hours while I found the issue

Patrick

October 13, 2015 at 11:15 am #84833

Andy
Keymaster

Hi Patrick,

I’m currently uploading the next version. But you can fix this yourself now if you wish: http://acoda.com/forums/topic/errors-blank-pages-with-5-0-3/
Author

Posts

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.