DiviTorque Lite – Divi Theme, Divi Builder & Extra Theme

Vulnerabilities 8Slug addons-for-diviLatest version 4.2.3WordPress.org →

Minimum safe version

4.1.1

Update to 4.1.1 or later to address 8 fixable vulnerabilities

Latest available4.2.3 ✓

Medium 6.4

2025-07-03< 4.0.6

Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library

EUVD Wordfence WPScan CVE

Medium 6.4

2025-01-29< 4.1.1

WordPress DiviTorque – Divi Theme, Divi Builder and Extra Theme Plugin <= 4.1.0 is vulnerable to Cross Site Scripting (XSS)

Patchstack EUVD Wordfence CVE

Medium 6.3

2024-10-16< 3.5.0

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Medium 6.4

2024-06-12< 4.0.0

CVE-2024-5892

CVE Wordfence Patchstack

N/A

2023-07-19< 3.6.0

WordPress DiviTorque – Divi Theme, Divi Builder and Extra Theme Plugin <= 3.5.8 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

N/A

2022-03-04< 3.5.0

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

2022-02-28< 3.5.0

WordPress DiviTorque – Divi Theme, Divi Builder and Extra Theme plugin <= 3.4.3 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 3.5.0

WordPress DiviTorque – Divi Theme, Divi Builder and Extra Theme plugin <= 3.4.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack