Friday, January 19, 2024

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Continue reading


  1. Hacker Tools Mac
  2. Underground Hacker Sites
  3. Black Hat Hacker Tools
  4. Pentest Tools Windows
  5. Termux Hacking Tools 2019
  6. Hacking Tools Pc
  7. Hacking Tools And Software
  8. Physical Pentest Tools
  9. Pentest Tools Framework
  10. Hacker Tools Windows
  11. Hacking Tools Windows
  12. Pentest Tools Open Source
  13. Hacker Tools 2020
  14. Pentest Tools Windows
  15. Hacking Tools For Kali Linux
  16. Pentest Tools Url Fuzzer
  17. Pentest Tools For Ubuntu
  18. How To Make Hacking Tools
  19. Hacker Tools Windows
  20. Pentest Tools List
  21. Pentest Tools Kali Linux
  22. What Is Hacking Tools
  23. Hacks And Tools
  24. Pentest Reporting Tools
  25. Nsa Hack Tools
  26. Hacking App
  27. How To Make Hacking Tools
  28. Pentest Tools For Android
  29. Hacking Tools For Games
  30. Growth Hacker Tools
  31. Top Pentest Tools
  32. Hack Tools
  33. Hak5 Tools
  34. Android Hack Tools Github
  35. Hacker Tools Software
  36. Pentest Tools Github
  37. Pentest Tools Subdomain
  38. Game Hacking
  39. Easy Hack Tools
  40. Pentest Box Tools Download
  41. Hacking Tools 2019
  42. Hacking Tools Mac
  43. Ethical Hacker Tools
  44. Hacking Tools Name
  45. Blackhat Hacker Tools
  46. Black Hat Hacker Tools
  47. Hacker Tools For Ios
  48. Hack Tools Mac
  49. Pentest Automation Tools
  50. Hacker Tools 2019
  51. Hak5 Tools
  52. Hack Tools Github
  53. Pentest Tools Windows
  54. Pentest Recon Tools
  55. Hacker Tool Kit
  56. Hacking Tools For Games
  57. Best Hacking Tools 2020
  58. Hack Rom Tools
  59. Hacker Tools Github
  60. Hack Tools Online
  61. Hacks And Tools
  62. Hacking Tools For Games
  63. Hack App
  64. Hacks And Tools
  65. Pentest Tools Find Subdomains
  66. Hacking Tools For Mac
  67. Physical Pentest Tools
  68. Hacker Tools Apk Download
  69. Hack App
  70. Pentest Automation Tools
  71. Hacker Tools
  72. Pentest Tools Android
  73. Hacking Tools For Games
  74. Hacker Tools Hardware
  75. Hacking Tools For Pc
  76. Tools Used For Hacking
  77. Hacking Tools Kit
  78. Pentest Recon Tools
  79. Hacking Tools
  80. Hacker Tools Github
  81. How To Install Pentest Tools In Ubuntu
  82. Hack App
  83. Hack Tools For Pc
  84. Hacking Tools Kit
  85. Pentest Tools Linux
  86. Hacker Tools Github
  87. Hack Tools 2019
  88. Hacker Security Tools
  89. Hacker Tools 2020
  90. Hack App
  91. Hacker Tools Apk
  92. Hacking Tools Mac
  93. Hacking Tools For Windows Free Download
  94. Pentest Box Tools Download
  95. Beginner Hacker Tools
  96. Hack Tools Mac
  97. Game Hacking
  98. Hack Tools For Windows
  99. Hacking Tools And Software
  100. Pentest Tools Windows
  101. Hack Tools For Windows
  102. Hacker Tools Free
  103. Hacking Tools For Games
  104. Pentest Tools Port Scanner
  105. Pentest Tools Port Scanner
  106. Hackers Toolbox
  107. Hacking Tools Kit
  108. Tools 4 Hack
  109. Pentest Tools Online
  110. Growth Hacker Tools
  111. Hacker Tools Linux
  112. Hacking Tools Pc
  113. What Is Hacking Tools
  114. Hacking Tools Online
  115. Top Pentest Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)