Version 7.11.11 – October 23rd, 2024
—————————————————————————————–
– SECURITY: Avada’s WooCommerce quick view setup is vulnerable to Broken Access Control (BAC). Worst case: drafted or private products could be obtained through quick view.
– SECURITY: Deprecated custom colors are vulnerable to Cross Site Request Forgery (CSRF). Worst case: An admin user could be tricked into creating a new color.
– IMPROVEMENT: Removed a few unnecessary cache clearing hooks
– IMPROVEMENT: Updated several option descriptions, dependencies, and dialogs for better usability
– FIXED: Compatibility issue between Layout Builder and plugins using object type filters