fbpx

Critical Vulnerability Exposes over 700,000 Sites Using Divi, Extra, and Divi Builder

On July 23, 2020, our Threat Intelligence team discovered a vulnerability present in two themes by Elegant Themes, Divi and Extra, as well as Divi Builder, a WordPress plugin. Combined, these products are installed on an estimated 700,000 sites. This flaw gave authenticated attackers, with contributor-level or above capabilities, the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site’s server.

We initially reached out to Elegant Themes on July 23, 2020 and, after establishing an appropriate communication channel, we provided the full disclosure details on July 28, 2020. The developers responded on

This post was originally published on this site

Work With Xiphos Web Marketing

No business is too small to succeed, thanks to online technology! From marketing, to customer service, to placing orders, to customer financing, there are tools that anyone can utilize. Let me, Nate Houstman, be your guide!

FINANCING AVAILABLE!

Pin It on Pinterest

Share This
Xiphos Web Marketing

FREE
VIEW