Avada Forums Community Forum Javascript vulnerability

Tagged: , , , ,

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • Margie_G
    Participant
    July 2, 2020 at 12:52 pm
    Post count: 4
    #762883

    After running a security check on their website, my client sent this query regarding Javascript vulnerability.

    [quote]Looks like the code has been built referencing an old vulnerable version of JQuery. Version 3+ resolves this but it seems to be a major upgrade that has the potential to break old browser support code.
    https://blog.jquery.com/2016/06/09/jquery-3-0-final-released/
    There’s some guidance here: https://stackoverflow.com/questions/37271931/how-to-insert-jquery-code-in-avada-theme,
    This appears to be an issue with the code created by Avada.[unquote]

    I read elsewhere that this is a WordPress issue.

    Can anyone provide some clarity here. Many thanks.

    Michael C
    Keymaster
    July 3, 2020 at 8:20 am
    Post count: 549
    #763116

    Hi @Margie_G

    A vulnerability where exactly? It sounds like they are referring to a vulnerability in old bootstrap versions. In which case those have all been patched since version 5.7.2 of the theme.

    Thanks

    Jetxpert-Envato
    Blocked
    July 10, 2020 at 3:23 pm
    Post count: 339
    #765722

    @Margie_G,

    Please allow me to jump in.

    The jQuery issue (ongoing) lies with WordPress, not Avada.

    Click here for more details and status.

    Cheers!

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.