It was a shocking and tense moment for Elegant Themes customers when, on 02/17/2016, they received an email about a critical security vulnerability affecting their products. For those running a site with only a few trusted users it was not a major issue, but for those managing many users this news was the worst nightmare. The affected versions were:
- Divi – 2.6.4
- Divi (legacy) – 2.3.4
- Divi Builder – 1.2.4
- Extra – 1.2.4
- Bloom – 1.1.1
- Monarch – 1.2.7
Disclosure of Vulnerability:
The vulnerability was found in Divi Builder and concerned user privileges: it allowed any registered user of the WordPress installation to perform a subset of actions within Divi Builder that let them manipulate posts regardless of their role. In short, logged-in users were granted access even when they did not have the privilege. The vulnerability was privately disclosed to the Elegant Themes team, and there have been no reports of exploitation attempts against it.
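To make this class of bug concrete, here is an added illustration (not Divi Builder's actual code, and not code from Elegant Themes) of a WordPress AJAX handler that saves post content. The hook names, function names and request fields are hypothetical. The first handler relies on the fact that `wp_ajax_` hooks only fire for logged-in users and so lets any registered user edit any post; the second adds the nonce check and the per-post capability check that WordPress provides for exactly this purpose.

```php
<?php
/**
 * Added illustration of a missing-authorization bug in a WordPress AJAX
 * handler. This is NOT Divi Builder's code; hook names, function names and
 * request fields ("post_id", "content", "nonce") are hypothetical.
 */

// --- Vulnerable pattern ------------------------------------------------
// wp_ajax_{action} hooks run only for authenticated users, so it is tempting
// to treat "logged in" as "authorized". Any registered user (even a
// subscriber) can call this and overwrite any post whose ID they know.
add_action( 'wp_ajax_example_save_layout', 'example_save_layout_unchecked' );
function example_save_layout_unchecked() {
    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    $content = isset( $_POST['content'] ) ? wp_unslash( $_POST['content'] ) : '';

    // No nonce check and no capability check: the caller's role is never consulted.
    wp_update_post( array(
        'ID'           => $post_id,
        'post_content' => wp_kses_post( $content ),
    ) );
    wp_send_json_success( array( 'post_id' => $post_id ) );
}

// --- Hardened pattern --------------------------------------------------
// 1. Verify the nonce so the request was issued from our own page (CSRF).
// 2. Check the meta capability for *this* post; WordPress maps it to the
//    caller's role and post ownership (edit_posts / edit_others_posts).
// 3. Only then mutate the post.
add_action( 'wp_ajax_example_save_layout_safe', 'example_save_layout_checked' );
function example_save_layout_checked() {
    // The nonce is created server-side with wp_create_nonce( 'example_save_layout' )
    // and handed to the page script, e.g. via wp_localize_script().
    check_ajax_referer( 'example_save_layout', 'nonce' ); // dies on failure

    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;
    if ( 0 === $post_id || ! current_user_can( 'edit_post', $post_id ) ) {
        // Log the denial: repeated 403s from one account against many post
        // IDs is a useful detection signal for this kind of probing.
        error_log( sprintf(
            'example_save_layout: user %d denied edit_post on post %d',
            get_current_user_id(),
            $post_id
        ) );
        wp_send_json_error( array( 'message' => 'insufficient permissions' ), 403 );
    }

    $content = isset( $_POST['content'] ) ? wp_unslash( $_POST['content'] ) : '';
    $result  = wp_update_post( array(
        'ID'           => $post_id,
        'post_content' => wp_kses_post( $content ),
    ), true ); // true: return a WP_Error instead of 0 on failure

    if ( is_wp_error( $result ) ) {
        wp_send_json_error( array( 'message' => $result->get_error_message() ), 500 );
    }
    wp_send_json_success( array( 'post_id' => $post_id ) );
}
```

When auditing a theme or plugin for this class of issue, list every `wp_ajax_` and `wp_ajax_nopriv_` handler and confirm that each one that writes data calls `check_ajax_referer()` (or `wp_verify_nonce()`) and a `current_user_can()` check scoped to the object being changed; a handler that stops at "is the user logged in" is exactly the pattern described above.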
Efforts put forth by Elegant Team:
An important security update fixing the critical vulnerability was released by Elegant Themes. The team contacted customers asking them to upgrade to the new version. They even made the update available for free to people whose licenses had expired, which shows how important the update is. One can easily update the theme or plugin using the updater plugin, or update them manually from the members area. Customers who have forgotten their login credentials can contact the team directly to obtain the latest versions. The company has also looked into Fortinet to improve its network security and business applications.
Installing the Security Patcher plugin:
Elegant Themes also created a plugin that patches the issue without upgrading the version. It is available for free and can be easily downloaded by customers; installing it patches the known vulnerabilities in the products. It is also advised to delete untrusted registered users from the WordPress installation and to disable plugins that allow user registration. Elegant Themes coordinated with Sucuri's CloudProxy team, who virtually patched the vulnerability within their network.
Though this vulnerability was very critical and required an immediate fix, the efforts made by the Elegant Themes team were really appreciable. Their quick and spontaneous actions avoided any exploitation attempts. I will keep you updated about this vulnerability and provide more information in future posts.