Bussiness Gadget News Tech Uncategorized

WordPress: flaw in themes leaves 100,000 sites vulnerable

A major security vulnerability was found in WordPress themes and plugins developed by the company Thrive Themes. The company has already released a fix, but, according to security company Wordfence, the error still endangers more than 100,000 sites that have not yet downloaded the patch to mitigate the flaw.

As security experts explain, the flaw found in Thrive Themes’ solutions allows hackers to use the theme or a plugin to upload files to WordPress sites. The contents may include viruses and codes for displaying spam.

Although the company released a patch on March 12 for the flaw, thousands of users have not yet downloaded the update, Wordfence estimates. To perform the correction, the user only needs to enter the WordPress update system and download the latest version of the theme or plugin used and which is distributed by Thrive Themes.

Which version to download?

As the update is now available, hackers are targeting users of Thrive Themes services who have not yet applied the patch patch on their websites. Below, you can see a list of the affected services and which version should be used to be protected from the vulnerability:

All Legacy themes from Thrive Themes, including Rise, Ignition and others | Version 2.0.0 or higher
Thrive Optimize | Version or higher
Thrive Comments | Version or higher
Thrive Headline Optimizer | Version or higher
Thrive Themes Builder | Version 2.2.4 or higher
Thrive Leads | Version or higher
Thrive Ultimatum | Version or higher
Thrive Quiz Builder | Version or higher
Thrive Apprentice | Version or higher
Thrive Architect | Version or higher
Thrive Dashboard | Version or higher
Thrive Ovation | Version 2.4.5 or higher


Your email address will not be published. Required fields are marked *