How do I upgrade Visual Composer?

[adameriksson]

Hi!

This weekend I recevied an email from Envato Market saying that there are multiple XSS security vulnerabilites in the Visual Composer plugin versions prior to 4.7.4. They noticed that Flexform inlcudes Visual Composer and they strongly encourage me to update Visual Composer to version 4.7.4 or later ASAP.

They gaved me a link to download the latest Visual Composer plugin. But since Flexform includes the visual composer inside it’s theme folder I dont know how to update?

The files inside flexform/includes/page-builder dont exactly match up to the visual composer plugin folder. I dont dare to try copying the files from the VC folder to page-builder folder.

Can you please give the flexform theme users a guide how to update to the latest Visual Composer?
Or maybe you can push out an theme update with updated VC files?

Thanks // Adam

[David Martin – Support]

Hi Adam,

We are aware of this, I’ll just double check this with the lead developer on the status of this.

Thanks,
David.

[Swift Ideas – Ed]

Hi Adam,

As long as you upgrade to Flexform v1.70 (an auto update we pushed last week) – then you won’t need to worry. Just go to Dashboard > Updates, and make sure you have updated.

– Ed