Vulnerability Discovered in Elegant Themes Divi and Extra Theme and Divi Builder
https://www.wordfence.comA few Elegant Themes products Divi and Extra, as well as Divi Builder had a bug. Combined, these products are installed on an estimated 700,000 sites. They flaw gave authenticated attackers, with contributor-level or above capabilities, the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site’s server.
Affected Versions: (Divi): 3.0 – 4.5.2
Affected Versions: (Extra): 2.0 – 4.5.2
Affected Versions: (Divi Builder): 2.0 – 4.5.2
Fully Patched Version (same for all products): 4.5.3 available from the vendor’s website.