We just released a mandatory security update with Bricks 1.9.6.1. 

A leading security expert in the WordPress space just brought this vulnerability to our attention, and we instantly got to work, providing you now with a verified patch.

As of the time of this release, there’s no evidence that this vulnerability has been exploited. However, the potential for exploitation increases the longer the update to 1.9.6.1 is delayed.

We advise you to update all your Bricks sites immediately.

Key Instructions

Update Now: Update all your Bricks sites to the latest Bricks 1.9.6.1 as soon as possible. But at least within the next 24 hours. The earlier, the better.

Backup Caution: If you use website backups, remember they may include an older, vulnerable version of Bricks. Restoring from these backups can reintroduce the vulnerability. Please update your backups with the secure 1.9.6.1 version.

Updating is straightforward and can be done with one click right from your WordPress dashboard. It should not affect your site’s functionality. 

If you have any questions or experience any functionality loss after the update, please email our customer support at [email protected].

How to update Bricks

1. One-Click Update from WordPress Dashboard

Navigate to Appearance > Themes in your WordPress dashboard. 

Locate Bricks, and if the update notification for 1.9.6.1 is visible, click to update.

If you don’t see the update notification:

Go to Dashboard > Updates and click on the “Check Again” link. Once the update appears, proceed to update Bricks.

2. Manual Update

If the one-click update does not work or you prefer a manual update, visit your Bricks account at https://my.bricksbuilder.io/ and download the latest version of the Bricks theme (1.9.6.1).

Back in your WordPress dashboard, go to Appearance > Themes, click “Add New” and then “Upload Theme”.

Select the ZIP file you just downloaded and install it. Overriding your existing version of Bricks if asked.

Better to be safe than sorry

While addressing security concerns is an integral and regular part of maintaining any WordPress-based theme or plugin, approaches to communication about these updates can vary. 

We believe in being extra cautious — it’s better to be safe than sorry. Keeping our community informed and engaged ensures you’re always up to date and your site remains secure.

We encourage you to share this update with fellow Bricks users to help maintain a secure community for everyone.

Time to update,
Thomas & team

Full changelog

  • Query loop result: Use HTML comment as placeholder (instead of div node)Fix
All releases