1. PROMO Subscribe our All Access Pass @ 75% OFF & access all our 16+ premium Divi extensions: Divi Block Pro, Carousel Toolkit, etc.LEARN MORE
Dismiss Notice
NEW Divi.Help Pro Carousel AI Toolkit - Magically turn your Divi design into carousel, simply by using our online toolkit. No plugins needed. Now it works with Divi 5 as well!Try our carousel AI toolkit
BEST Divi Block - A revolutionary drag & drop tool to easily mix & match 960+ premade blocks (Light & Dark) to kick start your Divi site design. Special module designs are included as well. Also newly added AI generator & color. Now it works with Divi 5 as well!
Learn More About Divi BlockFree Version ~ 340+ Free Blocks

Vulnerability found in js library used by Divi

Discussion in 'Free Divi Community Forum' started by deimian, Oct 3, 2024.

  1. deimian

    deimian New Member

    Hello, I have been scanning my WordPress site, which uses the Divi theme, with Zap. The application reports a vulnerability in a js library, specifically in the 'jQuery Mobile v1.4.5' library. I have been searching my site to see what is using this library, and all references found point to the Divi theme as the object using it.

    My question is... Can I manually update the jQuery Mobile library myself?

    I'm attaching the grep I performed where I found the outdated library within the Divi folders on my site:

    [​IMG]
     
    #1 deimian, Oct 3, 2024
    Last edited: Oct 3, 2024
    1. PRO MEMBER PERKS Divi Block Pro - Premade promo bar / notification bar with close button for your Divi site without using any plugins:View Demo
  2. Divi Booster

    Divi Booster Divi Expert

    Hey deimian,

    The latest version of Divi still seems to be using v1.4.5. In theory you could replace the library in the location found in your grep results, but there's a chance changes in the library will cause some parts of the site to stop working correctly. If you decide to update, it looks like Divi enqueues this script if any of the following modules are used, so I'd test their functionality after updating:

    Portfolio
    Slider
    Post Slider
    Fullwidth Slider
    Fullwidth Post Slider
    Video Slider

    Also note that replacing the file directly in Divi's theme folder would mean that it will be overwritten if you update Divi. Otherwise, you'd probably need to use PHP code to dequeue the affected version and enqueue the updated version.

    But I'd suggest contacting Elegant Themes about it:

    https://www.elegantthemes.com/contact/

    They may be able to provide a workaround until a fix is available. They may also be able to tell you whether there is actually an issue - not all vulnerabilities in JavaScript libraries translate into vulnerabilities in the product using them (since they may not use the affected functionality from the library, for example).
     
    #2 Divi Booster, Oct 6, 2024
(You must log in or sign up to post here.)