Envato Market Security Notice: Visual Composer

[alelordelo]

Hey guys,

I have received the message bellow. Should I do anything about it?

best

We are getting in touch to let you know about multiple XSS security vulnerabilities in the Visual Composer WordPress plugin versions prior to 4.7.4 (releases prior to October 2, 2015). This plugin was included in items you’ve purchased (listed below).

We have been working with WP Bakery, the creators of Visual Composer, who have addressed all identified vulnerabilities and undertaken a code audit to ensure that it is as secure as possible. Theme authors whose items include Visual Composer have been instructed to make sure their items accommodate this upgrade. Items that include older versions of Visual Composer will be disabled from the market until this change is made.

Affected Items

Your items that include Visual Composer:

Cardinal – WordPress Theme

[Kyle – SUPPORT]

Hi

Please download the latest package from TF, the latest revslider file will be in there

– Kyle

[alelordelo]

You men latest Cardinal package?

So I only need to update cardinal from the WP Admin?

best

[Rui Guerreiro – SUPPORT]

Hi,

Not exactly. Like Kyle said go to the Themeforest Download area and download the biggest zip file that has everything inside.
There it will be the latest version of Revolution slider that fixes the current plugin issue.

-Rui

[alelordelo]

I went to appearence/theme/addnew/upload

But it gets stuccoes after I upload the theme. I left for how and nothing. Is this the correct path?

thanks!

[Kyle – SUPPORT]

To upload plugins you go to Plugins > Add New however you will either need to delete the rev slider you currently have installed or upload the new files via ftp to override the old files (recommended)

– Kyle