Tagged: 

Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • January 23, 2026 at 8:13 am #1494213
    spitsdesign

    Is a update 7.1.4 Available? We get a Cross Site Scripting (XSS) vulnerability.

    January 24, 2026 at 9:50 am #1494259
    spitsdesign

    Anyone?

    January 24, 2026 at 10:13 am #1494260
    Niky67

    Hi

    I too have had a message about the 7.1.3 Enfold Cross Site Scripting (XSS) vulnerability

    Please advise

    Thank you
    Nick

    January 26, 2026 at 2:51 pm #1494330
    spitsdesign

    Hi,
    Still waiting for some feedback / solution…

    January 26, 2026 at 7:00 pm #1494347
    michaelH

    Looking forward to an update and/or hotfix as well, thank you.

    January 27, 2026 at 4:41 am #1494351
    Ismael

    Hi!

    Rest assured that a fix will be included in the next version (7.1.4), which should be released soon. Thank you for your patience.

    Regards,
    Ismael

    February 18, 2026 at 4:25 pm #1495192
    cesargrcf

    I have had a Cross Site Scripting (XSS) vulnerability.
    New update? 7.1.4? When?

    February 18, 2026 at 4:30 pm #1495193
    Guenni007

    All of you who are impatiently waiting for a fix. Have you ever tested your site on
    securityheaders.com, or on MDN Observatory for example?
    Please start by securing your pages against attacks in general and closing the huge gate to your pages before you try to plug small loopholes.

    February 19, 2026 at 11:29 am #1495216
    orianos

    Hi @Guenni007,
    reporting this warning… does not mean badmouthing “our” great “Enfold theme”. But you understand that seeing this warning every week for months and then having to explain to our users that it’s nothing serious… ugh… it gets embarrassing.
    Don’t you think?

    Best regards, Oriano

    February 20, 2026 at 10:17 am #1495263
    spitsdesign

    Hey,
    When will the update be available? It’s been a couple of weeks now….
    I’m looking forward to your feedback / update.

    February 20, 2026 at 11:09 am #1495269
    Ismael

    Hi!

    We have forwarded this thread to our channel again and you will be notified once the patch is released. Thank you all for your patience.

    Best regards,
    Ismael

    February 20, 2026 at 1:06 pm #1495284
    michaelH

    @Guenni007 Thanks for these links!
    What is a good score (for HTTP Observatory) and a good grade for Security Headers?

    February 20, 2026 at 5:08 pm #1495294
    Guenni007

    by the way – i guess 7.1.4 is online !

    my values are A+ and 120/100. ;) yes that is possible with extra points on mdn observatory

    for wordpress pages with all its plugins you can not have better settings on style-src than ‘unsafe-inline’

  • Author
    Posts
Viewing 13 posts - 1 through 13 (of 13 total)
  • You must be logged in to reply to this topic.