Avada Forums Community Forum Avada 7.2.1 Lighthouse detects vulnerabilities related to Bootstrap@3.3.2

Tagged: 

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • krzychu1478
    Participant
    February 14, 2021 at 2:15 pm
    Post count: 5
    #852316

    Hi, guys,
    I am struggling security vulnerabilities Bootstrap@3.3.2
    /Avada/assets/min/js/library/bootstrap.scrollspy.js
    /Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js
    I have checked all my plugins, two of them uses current safe 4.5.3 version of bootstrap
    It was raised before:
    https://theme-fusion.com/forums/topic/procedure-to-dequeue-bootstrap-3-3-5-enqueue-bootstrap-4-5-3/
    In fact before I have not seen this, before. I am still checking
    On Avada demo, I am not seeing this issue.
    Could someone check if on his website (those who have Avada 7.2.1) sees this lighthouse warning

    Best regards,
    Kris

    krzychu1478
    Participant
    February 15, 2021 at 8:45 am
    Post count: 5
    #852489

    follow-up
    I tested the site without any other plugins then fusion builder and core and still Bootstrap@3.3.2. is detetced.
    I used Library Detector chrome extension and it detects Bootstrap@3.3.2.2
    Now the weird part:

    I have checked a few websites with the same WordPress versions and Avada 7.2.1 and Library Detector does not detects Bootstrap@3.3.2.
    In all checked sites /Avada/assets/min/js/library/bootstrap.scrollspy.js
    /Avada/includes/lib/assets/min/js/library/bootstrap.tooltip.js
    are clearly visible in dev tools. I did binary comparison and are exact the same. I also checked them with a clean Avada distribution form the zip file.

    Still no idea what is going on. Why my sites triggers Library Detector as well as google Lighthouse?

    My website:https://www.strefasluchu.pl, maybe someone smarter than me have a clue why is that.

    Ammar. S
    Keymaster
    February 15, 2021 at 11:21 am
    Post count: 2234
    #852550

    Hello @Krzychu1478

    We do take security very seriously here at ThemeFusion and if any vulnerabilities are found they are immediately patched by our team, we can assure you there is none with our 7.2.1 version, we have thousands of customers on it and as you have checked our demos too without any sign, here is my personal Test site report too with nothing reported at all => https://developers.google.com/speed/pagespeed/insights/?url=https%3A%2F%2Fammartestsite.com%2F&tab=desktop this site is also running latest version of Avada that is 7.2.1

    Thanks

    -Ammar

    krzychu1478
    Participant
    February 15, 2021 at 7:50 pm
    Post count: 5
    #852783

    Ammar, you are right. This is not Avada as itself related. I am just searching in my website what is the troublemaker.

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.