SOLVED: Vulnerability detected across all of my Bricks sites

Hello Bricks community,

I just got an email from my host, Cloudways, warning me of vulnerabilities detected. This was triggered across all of my Bricks sites. I am wondering if anyone else has seen this? And how to resolve this?

Warning below:

Here are the detected vulnerabilities in your application:
Theme(s):

WordPress Bricks Builder plugin <= 1.12.4 - Unauthenticated SQL Injection via `p` Parameter vulnerability

Thank you for your help!

Ed

Hi,

please update to 1.12.5 (the same release as 1.12.4, but it includes a security fix) or to version 2.0 or 2.0.1 , which also includes the fix plus all other changes and new features.

If you will update to 2.0, please carefully read the changelog here: Bricks 2.0 Changelog – Bricks. It also contains a section about the security patch if you want to read it.

Best regards,
Matej

@sacsites yes, update Bricks carefully then it works nothing major