Just seen (belatedly) that WP Bakery, which is used in the Majority of themes on themeforest has another security hole.
As a web designer with 50+ themed clients. this hurts.
It’s TIME FOR ENVATO TO OWN THE SITUATION. It’s no longer appropriate for people that buy themes to have to redownload the theme to get an update.
The alternative to enable auto-updated for $50 a year per site - Is not really cricket. Envato should acquire extended licencing for WP Bakery, or sort a deal with WP Bakery a better solution.
It’s not good that something so crucial to the majority of themes has further responsibility dumped on those that purchase. It just seems bad. Thoughts anyone?