Elegant Themes announced that several of their products contained a code injection vulnerability and should be updated right away. The vulnerability allows an untrustworthy user to execute PHP functions. Divi is a popular WordPress theme that is widely used around the world. It’s important that publishers update their theme and two other Elegant Themes products right away. The official announcement detailed that the vulnerability was discovered during the course of a routine audit. This is how they described the discovery: “A code injection vulnerability was discovered by our team during a routine code audit that could allow logged in contributors, authors and editors to execute a small set of PHP functions. WordPress Divi Theme Code Injection Vulnerability
thumbnail courtesy of searchenginejournal.com