Critical vulnerability

Hi again,

Be sure that it’ll be patched for next version if not already, please update our plugin to latest version.

Kind regards,
George

Hi, @rubeushagrid13 any news about the version plugin update? my site don’t works

It still tells me fatal error

Hello.

We have Royal Elementor Addons 1.7.1 installed. However The wordpress toolkit still flags it as vulnerable.
CriticalWordpress Royal Elementor Addons and Templates plugin <= 1.3.78 & 1.4.78 – Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Fioravante

Sources: https://patchstack.com/database/vulnerability/royal-elementor-addons/wordpress-royal-elementor-addons-and-templates-plugin-1-3-78-unauthenticated-arbitrary-file-upload-vulnerability?_a_id=110

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/royal-elementor-addons/royal-elementor-addons-and-templates-1378-unauthenticated-arbitrary-file-upload

Best regards,

Hi again,

We’ve had communication about it with wpscan and they’ve told that it’s patched but because of directly increasing version to 1.7.1 issue still appears, be sure that it won’t create any issue, you can contact patchstack and wordfence itself and ask them about vulnerability, it’s already patched.

It’s written that fix is available in 1.3.79 and above so no problem there.

Kind regards,
George

Hi

Ok thanks.

Solved