The vendor has released a patch (version 1.3.79) to fix the flaw (CVE-2023-5360), and users are recommended to upgrade as soon as possible, but a website cleanup may be necessary to remove any infections or malicious files.