-
Posts
-
I’ve noticed an odd phenomenon with theme updates, and it’s fairly recent. I am using Enfold on a number of sites and I found that nearly every Child theme install was saying that the current version of Enfold was installed – but it was not the current version at all. In fact on many of them, Enfold was still at version 4.x. Tokens are in place and validated, but when I tried to “Check Manually” it didn’t work, instead forwarding me to the WordPress Updates page with no mention of Enfold needed an update. So instead of running the updates through the theme, I had to FTP install the latest versions.
Currently all themes are up to date but this is a cause for concern as recently I’ve had hackers targeting older themes – particularly avia. The most recent brute force attack was on ‘avia-element-paging’ on a theme that was still in version 4.x.x. Though they did not succeed this time, I fear for the future if Enfold does not alert the need for an update.
Below is a sample of these recent attacks: September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL,NULL#
September 13, 2022 11:48pm 88.214.25.5 (Germany) Blocked for SQL Injection in POST body: avia-element-paging = 24%’ UNION ALL SELECT NULL#Hey Blaise,
Thanks for contacting us!
Have you inserted your tokens into Enfold child theme options? Also, from which version have you updated the theme? Was it older than 4.5? If so, Envato has updated their API and we have implemented those changes in Enfold 4.5 so that might be the reason.
You can also use Envato Market plugin – https://www.envato.com/lp/market-plugin/ to receive auto updates for the themes and plugins you have purchased from Envato :)
Best regards,
YigitYes I inserted the tokens into the themes. I don’t have the original version numbers since I updated them all manually. But I do know that they were over 4.6 and even 5.0 in some cases – so not older than 4.5. I have installed the market plugin on one of the sites to test but I hope you’ll check further that this is not a glitch.
Hi,
Thanks for the update. If the theme updates should not come through, then please try to install and configure this plugin: https://envato.com/market-plugin/
Best regards,
Rikard
- You must be logged in to reply to this topic.