Quick hotfix release as Bricks 1.9.7 caused an issue with adding/updating the postmeta for users without builder access. This was caused by one of the new security additions in 1.9.7.

Full v1.9.7.1 changelog

The update we provided on February 13th with Bricks 1.9.6.1 was a quick and effective answer to the vulnerability reported on February 10th. It successfully tackled the urgent issue and also initiated a broader initiative to strengthen Bricks’ security rather than representing the final phase of our security enhancements.

We’ve dedicated the past four weeks to a thorough review and enhancement of our entire codebase. Our goal was clear: develop a solution for code execution that maintains the advanced code functionality you rely on while elevating Bricks’ default security level to new heights.

This 1.9.7 update is the result of this effort. It introduces a suite of new security features and improvements.

It also addresses a smaller, possible authenticated issue discovered while working on 1.9.7, which requires a contributor role or above, bad intentions, and a code execute user to perform certain additional steps. There is no need to panic or update in the next 5 minutes, but we recommend updating as soon as you have the chance.

If you experience any problems after updating, please reach out to us via email at [email protected].

Before you update, please take a full backup of your site!

The significant changes of this update could impact your site’s functionality. A backup ensures you have a safe point to revert to if necessary. Please do not skip this critical step.

Continue reading the full changelog entry with all details by clicking to link below …

Full v1.9.7 changelog

We just released a mandatory security update with Bricks 1.9.6.1. 

A leading security expert in the WordPress space just brought this vulnerability to our attention, and we instantly got to work, providing you now with a verified patch.

As of the time of this release, there’s no evidence that this vulnerability has been exploited. However, the potential for exploitation increases the longer the update to 1.9.6.1 is delayed.

We advise you to update all your Bricks sites immediately.

Key Instructions

Update Now: Update all your Bricks sites to the latest Bricks 1.9.6.1 as soon as possible. But at least within the next 24 hours. The earlier, the better.

Backup Caution: If you use website backups, remember they may include an older, vulnerable version of Bricks. Restoring from these backups can reintroduce the vulnerability. Please update your backups with the secure 1.9.6.1 version.

Updating is straightforward and can be done with one click right from your WordPress dashboard. It should not affect your site’s functionality.

If you have any questions or experience any functionality loss after the update, please email our customer support at [email protected].

How to update Bricks

1. One-Click Update from WordPress Dashboard

Navigate to Appearance > Themes in your WordPress dashboard.

Locate Bricks, and if the update notification for 1.9.6.1 is visible, click to update.

If you don’t see the update notification:

Go to Dashboard > Updates and click on the “Check Again” link. Once the update appears, proceed to update Bricks.

2. Manual Update

If the one-click update does not work or you prefer a manual update, visit your Bricks account at https://my.bricksbuilder.io/ and download the latest version of the Bricks theme (1.9.6.1).

Back in your WordPress dashboard, go to Appearance > Themes, click “Add New” and then “Upload Theme”.

Select the ZIP file you just downloaded and install it. Overriding your existing version of Bricks if asked.

Better to be safe than sorry

While addressing security concerns is an integral and regular part of maintaining any WordPress-based theme or plugin, approaches to communication about these updates can vary.

We believe in being extra cautious — it’s better to be safe than sorry. Keeping our community informed and engaged ensures you’re always up to date and your site remains secure.

We encourage you to share this update with fellow Bricks users to help maintain a secure community for everyone.

Time to update,
Thomas & team

Full v1.9.6.1 changelog

With over 15.400 upvotes, the new Query sort, filter, and live search functionality is our most requested set of features.

We are happy to announce that it is now available as an experimental feature in Bricks 1.9.6.

Other highlights of this release include:

  • Query loop: The “No results” setting now supports choosing a section template to render if the query returns no results. Previously, you could only add a basic No-results text string.
  • SVG element: Support Dynamic data (field type: image, file) & inline code (requires “Code execution” capability)
  • Order element classes: Order global classes on an element via drag & drop

Plus 30 more improvements and bug fixes that you can explore in the full changelog entry …

Full v1.9.6 changelog