Input validation vulnerability in Divi Builder 4.25.0

The Elegant Themes Divi and Extra themes, as well as the Divi Page Builder plugin for WordPress, have a security vulnerability. This vulnerability, known as DOM-Based Stored Cross-Site Scripting, allows attackers with certain permissions to insert harmful code into pages that will run when someone views those pages. This vulnerability exists in versions up to and including 4.25.0.

Detected in:

Divi fixed vulnerable versions: >= * <= 4.25.0
Divi Builder fixed vulnerable versions: >= * <= 4.25.0
Divi Extra fixed vulnerable versions: >= * <= 4.25.0

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Is this information incorrect? Please leave us a message.