Elegant Themes has become aware of a potentially critical vulnerability in its products and has informed all customers by e-mail. For those who haven’t heard about the issue, here are further details:
A vulnerability has been found in the Divi Builder, the themes Divi, Divi Extra and 2.3 (Legacy), and in the plugins Boom and Monarch. The security problem has already been fixed by a dedicated security firm but an update of the above products is highly recommended to protect users from possible future attacks.
Customers who are updating their themes and plugins should temporarily disable the application on their pages and Elegant Themes also recommend using the security plugin, Security Patcher, as well as Sucuri’s proxy, Cloud WAF. Elegant Themes provides all updates for free and also for accounts that have already expired, so there’s no reason not to keep all of your themes and plugins fully updated!