On July 23, 2020, the Wordfence Threat Intelligence team discovered a vulnerability present in two themes by Elegant Themes, Divi and Extra, as well as the Divi Builder WordPress plugin. Combined, these products are installed on an estimated 700,000 sites.
This vulnerability allowed authenticated attackers with contributor-level or above capabilities to upload arbitrary files, including PHP files, and achieve remote code execution on the server of a vulnerable site.
Elegant Themes responded on July 29, 2020 that a patch would be included in the next release. Patches for all three products were released on August 3, 2020 in version 4.5.3.

This is considered a critical security issue, as it can lead to remote code execution on the server of a vulnerable site. If you are running Divi versions 3.0 and above, Extra versions 2.0 and above, or Divi Builder versions 2.0 and above, we strongly recommend updating to the patched version, 4.5.3, immediately. If you cannot update safely yet, use the Elegant Themes Security Patcher feature in the meantime.
Description: Authenticated Arbitrary File Upload
Affected Products: Divi Theme, Extra Theme, and Divi Builder plugin
Theme Slugs: divi, extra
Plugin Slug: divi-builder
Affected Versions (Divi): 3.0 – 4.5.2
Affected Versions (Extra): 2.0 – 4.5.2
Affected Versions (Divi Builder): 2.0 – 4.5.2
CVE ID: Pending
CVSS Score: 9.9 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Fully Patched Version (same for all products): 4.5.3
Elegant Themes is the developer of Divi, one of the most popular premium WordPress themes. One advantage of the Divi theme is that it ships with the Divi Builder, a page builder that makes designing and updating a site simple and highly customizable. Alongside Divi, Elegant Themes also offers a second theme, Extra, which includes the Divi Builder, and a standalone Divi Builder plugin that can be used with any theme.
As part of the Divi Builder's feature set, users who can create posts can import and export Divi page layouts using the portability feature.
We found that while this feature checked the file type on the client side, it performed no corresponding check on the server side. Because a client-side JavaScript check only constrains a cooperating browser, an authenticated attacker could trivially bypass it, for example by submitting the upload request directly, and upload a malicious PHP file to the site. A web shell uploaded this way could then be used to take over the site completely.
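The following is an added illustration of the class of bug described above, not code from Divi, Extra or Divi Builder and not Elegant Themes' fix. It shows a hypothetical layout-import handler that relies only on the browser's JavaScript check, next to a hardened version that validates on the server: an extension allowlist on the submitted name, a check that the content actually parses as a JSON layout export, and a server-chosen destination name so the client never controls the extension on disk. The `$upload` array, the `MAX_LAYOUT_BYTES` limit, the function names and the constructed web-shell payload are all assumptions for the demo; `rename()` stands in for `move_uploaded_file()` so it runs from the PHP CLI without a web server.

```php
<?php
// Hypothetical illustration (not Divi/Extra/Divi Builder code): a layout-import
// handler that trusts the browser versus one that validates on the server.
// Assumed: $upload mirrors one $_FILES entry ('name', 'tmp_name', 'size').

const MAX_LAYOUT_BYTES = 1024 * 1024; // assumed upper bound for a layout export

// VULNERABLE: the only file-type check lived in JavaScript, so whatever the
// request carries is written under the client-chosen name and extension.
function import_layout_vulnerable(array $upload, string $dest_dir): string
{
    $dest = $dest_dir . '/' . basename($upload['name']);
    // rename() stands in for move_uploaded_file() so the demo runs from the CLI.
    rename($upload['tmp_name'], $dest);
    return $dest; // e.g. .../shell.php, which the web server will happily execute
}

// HARDENED: the server decides what is acceptable, independent of the browser.
function import_layout_hardened(array $upload, string $dest_dir): string
{
    if ($upload['size'] > MAX_LAYOUT_BYTES) {
        throw new RuntimeException('layout too large');
    }
    // 1. Extension allowlist on the client-supplied name (allowlist, never denylist).
    $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
    if ($ext !== 'json') {
        throw new RuntimeException('only .json layout exports are accepted');
    }
    // 2. The content must actually be what a layout export is: a JSON object.
    $raw = file_get_contents($upload['tmp_name']);
    $decoded = json_decode($raw, true);
    if (json_last_error() !== JSON_ERROR_NONE || !is_array($decoded)) {
        throw new RuntimeException('upload is not a JSON document');
    }
    // 3. Never reuse the client name: write under a server-chosen name and
    //    extension, so a double extension like shell.php.json cannot survive.
    $dest = $dest_dir . '/layout-' . bin2hex(random_bytes(8)) . '.json';
    file_put_contents($dest, json_encode($decoded));
    unlink($upload['tmp_name']);
    return $dest;
}

// Demo with a constructed payload: a PHP web shell submitted as the request
// would look once the JavaScript check is skipped (curl, an intercepting proxy).
$dir = sys_get_temp_dir() . '/layout-demo-' . getmypid();
mkdir($dir);
$shell = "<?php system(\$_GET['c']); ?>"; // constructed payload for the demo

$tmp = tempnam($dir, 'up');
file_put_contents($tmp, $shell);
$upload = ['name' => 'shell.php', 'tmp_name' => $tmp, 'size' => filesize($tmp)];
echo "vulnerable handler wrote: " . import_layout_vulnerable($upload, $dir) . PHP_EOL;

$tmp = tempnam($dir, 'up');
file_put_contents($tmp, $shell);
$upload = ['name' => 'shell.php', 'tmp_name' => $tmp, 'size' => filesize($tmp)];
try {
    import_layout_hardened($upload, $dir);
} catch (RuntimeException $e) {
    echo "hardened handler rejected: " . $e->getMessage() . PHP_EOL;
}

// Renaming the payload to shell.json passes the extension check but still
// fails, because the bytes are PHP, not JSON.
$tmp = tempnam($dir, 'up');
file_put_contents($tmp, $shell);
$upload = ['name' => 'shell.json', 'tmp_name' => $tmp, 'size' => filesize($tmp)];
try {
    import_layout_hardened($upload, $dir);
} catch (RuntimeException $e) {
    echo "hardened handler rejected: " . $e->getMessage() . PHP_EOL;
}
```

The point of the second handler is that every decision is made from data the server itself observes: the name it is given is only consulted for an allowlist check and is never used for the path written, and the content is parsed as the format the feature expects rather than sniffed. Rejecting the renamed payload on content, not just on extension, is what closes the gap a client-side check leaves open. In a real plugin the same checks belong behind the usual capability and nonce checks on the AJAX handler, and the destination should be a directory the web server is configured not to execute scripts from.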
If you have entered your Elegant Themes username and API key on your WordPress site, you can manage updates directly from the Updates page. To do so, log in to your site and navigate to the "Updates" page, select the Elegant Themes product you wish to update, and click "Update Plugin" or "Update Theme" depending on the product.
Please also note that Elegant Themes has made this fix available to users even if your account is no longer active.