Avada Fusion builder is ithis a threat?

  • Resolved SandraGaffney

    (@sandragaffney)


    6 years, 12 months ago

    Hi, your plugin says it found 2 known threats, but scanning with security online it says the site is clean

    known threats:
    1)
    fusion-builder/inc/lib/inc/class-fusion-fusionredux.ph
    your plugin highlights the followning line:

    include wp_normalize_path( dirname( __FILE__ ) . ‘/redux/assets/style.css’ );

    2)
    wp-content/themes/Avada/includes/lib/inc/class-fusion-fusionredux.php

    it highlights
    include wp_normalize_path( dirname( __FILE__ ) . ‘/redux/assets/style.css’ );

    Thanks,
    Sandra

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    It is improper to be using include on a css file. There are safe ways to read and output css content and WordPress even has a built-in method for doing just that.

    For now I have whitelisted this code but I would strongly advise all developers to use safer methods.

Viewing 1 replies (of 1 total)
  • The topic ‘Avada Fusion builder is ithis a threat?’ is closed to new replies.