Elegant Themes: >> Divi Builder Security Vulnerabilities
An issue was discovered in the Divi Builder plugin, Divi theme, and Divi Extra theme before 4.5.3 for WordPress. Authenticated attackers, with contributor-level or above capabilities, can upload arbitrary files, including .php files. This occurs because the check for file extensions is on the client side.
CVSS Score
9.9
EPSS Score
0.022
Published
2021-01-01