Tagged: 

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #629448

    Hello!
    I recently subscribed to the VaultPress service and they report the following:

    WT.ShortCode.Exploit
    A security vulnerability was discovered in the WooThemes framework. Please update it to the version 5.3.12 or greater and remove the file preview-shortcode-external.php if it remains in your theme.

    The file affected is /wp-content/themes/enfold/framework/php/avia_shortcodes.

    I have verified that the site in question is running the latest version of Enfold: 3.5.4

    I’m assuming their finding is a false positive but thought I should let you know before. Do I need to take any corrective action?

    Thank you!

    James Geiger

    #630586

    Hey jamesgeiger,

    Thank you for bringing this up with us.

    Please provide more details about what is the exact security vulnerability that has been found so we can further troubleshoot it. You can post it in the private content.

    Best regards,
    Vinay

    #630755

    Hello Vinay,

    VaultPress reports exactly the wording I sent previously, but I’ve placed that wording in the Private Content below:

    Sincerely,

    Jim Geiger

    #631415

    Hi,

    Thank you for getting back to us with the details. This issue is reported to Kriesi please await his reply. In the meantime let us know if the woocommerce is updated to the latest version.

    UPDATE: I just had a word with my team regarding this and the warning turns out to be a false positive. Just make sure your plugins are updated :)

    Best regards,
    Vinay

    • This reply was modified 8 years, 7 months ago by Vinay.
    #631416

    Hi!

    Its indeed a false positive since the file was patched by us (something that woothemes did not do) However since we are no longer using the file anyways I will probably remove it altogether with the next update from our framework :)

    Regards,
    Kriesi

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.