The developers of the Divi WordPress theme Elegant Themes have released an urgent security patch to fix a recently discovered vulnerability.
A code injection vulnerability was discovered by the Elegant Themes team during a routine code audit that could allow logged in contributors, authors and editors to execute a small set of PHP functions.
Are You Affected?
Every website with potentially untrustworthy contributor, author and editor users using Divi version 3.23 and above, Extra 2.23 and above or Divi Builder version 2.23 and above are affected and should update to the latest product versions. Product versions 4.0.10 include the security patch.
How To Fix It
Updating your themes and plugins will fix this problem. You can update your themes and plugins from within your WordPress dashboard. Just click on Appearance and Themes.
Do You Need Support?
We know many of our customers use the Divi theme. If you need a helping hand ensuring this update is applied, just log a support request via your client area.
On Our Managed WordPress Plans?
If you’ve signed up to one of our Managed WordPress plans then fear not. This update has already been applied for you.