Codeless
  • Support Home
  • Themes
  • Support
  • WordPress Tutorials
    • How to Start a Blog
    • Best Website Builders
    • Best Small Business Hosting
    • Email Marketing Services
    • Cheap WordPress Hosting
  • Video Tutorials

Community Forums

Specular – WordPress removed codeless-framework

#specularcodelessdeletedvulnerabilitywordpress
    • 5 years, 11 months ago vkeith17
      Participant

      Hello!

      Got an email from WordPress saying that they found that the codeless-framework plugin/theme contains malware, and in order to protect my site the security system automatically removed it altogether, getting rid of features such as the codeless slider, portfolio grids, headers….

      After getting in touch with them and sending them the zip for the plugin/etc., they found the following file “codeless-framework/include/shortcodes/preview-shortcode-external.php” to contain a vulnerability that allows an exploit through shortcodes (lines 30-36 on the file).

      Is there a way a secure version could be provided and that I could regain the work that was put into preparing the website through it?

      UPDATE: This is what WordPress says is the exact issue that needs to be fixed by the author of the theme:

      Codeless Framework: Our systems have identified the following file “codeless-framework/include/shortcodes/preview-shortcode-external.php” to contain a vulnerability that allows an exploit trough shortcodes. (Lines 30-36 on the file). I would recommend contacting the plugin vendors about it. They can check the code on the file and provide you with a secure version. Layerslider: Here you have information about vulnerabilities for this plugin: https://wpvulndb.com/vulnerabilities/8822
      Versions from 6.2.1 and up are safe. You can get an updated version from the theme vendors and upload it to your site.</p>
      Can you guys look into updating this so that the theme is functional and WordPress will stop removing the plugin?

      Thanks!

      • This topic was modified 5 years, 10 months ago by vkeith17.
      • This topic was modified 5 years, 10 months ago by vkeith17.
    • 5 years, 11 months ago Ludjon
      Keymaster

      Hello, i sure you that no malware in original package on Themeforest.

      It’s more probably that you have a malware in some place in your host/server and it automatically expand to other folders and files. It happens when using downloaded premium themes/plugins for free on pirate websites.

      So please check your website entirely, after that, update theme get from Themeforest

      Thanks

    • 5 years, 11 months ago vkeith17
      Participant
      This reply has been marked as private.
    • 5 years, 11 months ago Ludjon
      Keymaster

      Ok, thanks for noticing us. This is not malware but a vulnerability that can be executed from an administrator from backend only. Will update ASAP

      Thank You

      • 5 years, 10 months ago vkeith17
        Participant

        Hi Ludjon,

        We are still trying to resolve this. We chatted with WordPress support and they told me that I should try reinstalling the plugin. We did, and it worked for a day until we got shut down again with the same message about it being automatically removed due to a vulnerability. As mentioned, we got this from a reputable site, it’s not pirated software. We *really* could use your help in fixing this. Is there a new updated plugin we can download so that our site will have full functionality? The issue is a big one because it totally impacts the look of our site and when WordPress kills it, we no longer have the images scrolling across the top which makes the site way less attractive/functional. Please get back to us ASAP!!!!

    • 5 years, 11 months ago vkeith17
      Participant

      Thanks. Let me know when a fix is ready so I can re-install!

    • 5 years, 11 months ago Ludjon
      Keymaster

      You’re welcome, will let you know as soon as possible :)

      If you like our theme and support, leave us a rating on Themeforest, it’s very important for us :)

      https://themeforest.net/downloads

      Thank You so much

      • 5 years, 11 months ago vkeith17
        Participant

        Hi Ludjon!

        We’re still waiting for a software update from your team. Do you have any news for us?

    • 5 years, 11 months ago staciemercure
      Participant

      My network supplier said the same thing, it had malware and uninstalled my theme. I lost all my work. And, the codeless header is not working nor is the portfolio.

       

      Help!

    • 5 years, 11 months ago Mirela
      Participant

      Hello,


      @staciemercure
      ,
      Please add some wp and ftp credentials in your profile. The developer will check it asap.
      https://support.codeless.co/?ht_kb=add-private-login-credentials

      Best regards!

    • 5 years, 10 months ago vkeith17
      Participant

      Staciemercure, did you get the problem fixed? Would love to know what the issue was because we are still struggling with this and our site looks awful. Also lost work. This sucks.

    • 5 years, 10 months ago vkeith17
      Participant

      OK, I just got this from WordPress chat support:

       

      “<span style=”color: #3d4145; font-family: -apple-system, BlinkMacSystemFont, ‘Segoe UI’, Roboto, Oxygen-Sans, Ubuntu, Cantarell, ‘Helvetica Neue’, sans-serif; font-size: 14px; white-space: pre-wrap;”>Codeless Framework: Our systems have identified the following file “codeless-framework/include/shortcodes/preview-shortcode-external.php” to contain a vulnerability that allows an exploit trough shortcodes. (Lines 30-36 on the file).</span>

      <span style=”-webkit-tap-highlight-color: rgba(0, 0, 0, 0); border: 0px; font-family: -apple-system, BlinkMacSystemFont, ‘Segoe UI’, Roboto, Oxygen-Sans, Ubuntu, Cantarell, ‘Helvetica Neue’, sans-serif; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; color: #3d4145; white-space: pre-wrap;”>I would recommend contacting the plugin vendors about it. They can check the code on the file and provide you with a secure version. Layerslider: Here you have information about vulnerabilities for this plugin: </span>https://wpvulndb.com/vulnerabilities/8822<span style=”-webkit-tap-highlight-color: rgba(0, 0, 0, 0); border: 0px; font-family: -apple-system, BlinkMacSystemFont, ‘Segoe UI’, Roboto, Oxygen-Sans, Ubuntu, Cantarell, ‘Helvetica Neue’, sans-serif; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; color: #3d4145; white-space: pre-wrap;”> Versions from 6.2.1 and up are safe. You can get an updated version from the theme vendors and upload it to your site”. </span>

      Can you guys help with an update please?

    • 5 years, 10 months ago vkeith17
      Participant

      “Codeless Framework: Our systems have identified the following file “codeless-framework/include/shortcodes/preview-shortcode-external.php” to contain a vulnerability that allows an exploit trough shortcodes. (Lines 30-36 on the file). I would recommend contacting the plugin vendors about it. They can check the code on the file and provide you with a secure version. Layerslider: Here you have information about vulnerabilities for this plugin: https://wpvulndb.com/vulnerabilities/8822

      Versions from 6.2.1 and up are safe. You can get an updated version from the theme vendors and upload it to your site”

    • 5 years, 10 months ago Mirela
      Participant

      Hello,

      Please re-download theme files from your Envato > Downloads. Then replace the current files in your wp-content/themes folder in the server. Read this section of documentation for more details: https://codeless.co/documentation/main.html#update_theme

      Best regards!

Viewing 11 reply threads

You must be logged in to reply to this topic.

Login

Log In
Register

Renew Support

  • Renew Specular Support
  • Renew Tower Support
  • Renew Folie Support
  • Renew Handel Support
  • Renew June Support
  • Renew Picante Support
  • Renew Thype Support
  • Renew Regn Support

Search Forums

Forums

  • Bygge – Construction Theme
  • Converta – Software Theme
  • Folie – The WordPress Website Builder
  • Handel – Responsive Multi-Purpose Business Theme
  • June WooCommerce WordPress Theme
  • Livecast – Podcast Theme
  • Picante – Restaurant & Food WordPress Theme
  • Regn | Agency & Business WordPress Theme
  • Remake – Minimal Portfolio & Agency Theme
  • Specular – Multi-Purpose WordPress Theme
  • Suggest us Features
  • Tower – Business-Driven Multipurpose WP Theme
  • Vibrance – Photography Theme

Site Links

  • Support Policy
  • Specular Support Forum
  • Video Tutorials
  • Knowledge Base
  • Guides and Reviews

Useful Articles

  • Build a Website
  • Web Design & Development
  • Hosting
  • WordPress

Login

Log In
Register Lost Password