We got the email below from Kinsta and we are wondering if you can tell us which files you guys updated to address the security issue so we can locate and review them. Our goal is to make sure that our child theme isn’t overwriting the code you guys made adjustments to in order to deal with the security issue. Thanks!
We are writing you today to notify you about a security vulnerability which was discovered in the Newspaper theme that was detected on one or more of your websites.
The newspaper theme contains a vulnerability which allows attackers to perform an authenticated, reflected cross-site scripting attack.
This affects versions 10.3.3 and below.
We recommend updating this theme immediately to the latest version.
The following is a list of affected sites we have determined that you currently have access to in MyKinsta.
This vulnerability may exist on both live and staging environments. We recommend that both are checked and updated.
If you have any questions, please feel free to reach out to our Support team.
Thank you for being a Kinsta customer!
The Kinsta Team