Saturday, January 20, 2024

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Related links
  1. How To Install Pentest Tools In Ubuntu
  2. How To Hack
  3. Hack Apps
  4. Hacker Security Tools
  5. Pentest Tools Kali Linux
  6. Pentest Tools Android
  7. Hak5 Tools
  8. Hacker Tools Linux
  9. Pentest Tools Download
  10. Hack Tools Pc
  11. Hacker Tools For Pc
  12. Hacking Tools Usb
  13. Hacking Tools Windows 10
  14. Hacking Tools Online
  15. How To Hack
  16. Tools 4 Hack
  17. Hack Tools For Mac
  18. Hacking Tools Windows 10
  19. Hackrf Tools
  20. Pentest Tools Url Fuzzer
  21. Hacker Tools Free Download
  22. Black Hat Hacker Tools
  23. Pentest Tools Linux
  24. Pentest Tools Free
  25. Pentest Tools Review
  26. Beginner Hacker Tools
  27. Easy Hack Tools
  28. How To Install Pentest Tools In Ubuntu
  29. Pentest Tools Tcp Port Scanner
  30. Hacker Tools Free
  31. Pentest Tools Port Scanner
  32. Pentest Tools Port Scanner
  33. Pentest Tools Url Fuzzer
  34. Hack Tools 2019
  35. Hacker Tools Hardware
  36. New Hacker Tools
  37. Hacking Tools 2020
  38. Hacking Tools Online
  39. Hacking Tools 2020
  40. Best Pentesting Tools 2018
  41. Hacker Tools Free
  42. Pentest Tools Free
  43. Hacker Techniques Tools And Incident Handling
  44. Pentest Automation Tools
  45. Hacker Tools Apk Download
  46. Hackers Toolbox
  47. Hacking Tools Software
  48. Nsa Hack Tools Download
  49. Nsa Hack Tools
  50. Hacker Tools Mac
  51. Pentest Automation Tools
  52. Hacking Tools 2019
  53. Computer Hacker
  54. Tools For Hacker
  55. Physical Pentest Tools
  56. Hack Tools For Mac
  57. Hacking Tools For Kali Linux
  58. Hack Website Online Tool
  59. Hacker Tools For Ios
  60. Hack Tools For Ubuntu
  61. Hacker Search Tools
  62. Kik Hack Tools
  63. Best Hacking Tools 2019
  64. Hacking Tools Software
  65. Pentest Tools Windows
  66. Hacking Tools Github
  67. Pentest Tools Subdomain
  68. Hacking Tools For Games
  69. Best Pentesting Tools 2018
  70. Hack Tools Github
  71. Pentest Tools Website
  72. Hack Tools
  73. Hacking Tools Hardware
  74. Pentest Tools Bluekeep
  75. Hacking Tools Github
  76. Pentest Tools Bluekeep
  77. Hack Tools Online
  78. Best Hacking Tools 2019
  79. Hacker
  80. Pentest Tools Free
  81. Pentest Recon Tools
  82. Pentest Tools Nmap
  83. Hack And Tools
  84. Install Pentest Tools Ubuntu
  85. Nsa Hacker Tools
  86. Pentest Tools Tcp Port Scanner
  87. Bluetooth Hacking Tools Kali
  88. Hacker Tools Free
  89. How To Hack
  90. Hack Tool Apk No Root
  91. Hacking Tools Windows
  92. Hacking Tools Usb
  93. Wifi Hacker Tools For Windows
  94. Hak5 Tools
  95. Hacker Tools For Pc
  96. Hacking Apps
  97. What Are Hacking Tools
  98. Pentest Tools Alternative
  99. Hack Tool Apk No Root
  100. Pentest Tools Framework
  101. Hack Tool Apk No Root
  102. Hacking App
  103. Github Hacking Tools
  104. Hacker Tools Apk
  105. How To Make Hacking Tools
  106. Hack Tools
  107. Hack Tools Github
  108. Hacking Tools For Windows Free Download
  109. Hackrf Tools
  110. Game Hacking
  111. How To Hack
  112. Install Pentest Tools Ubuntu
  113. Top Pentest Tools
  114. Hackrf Tools
  115. Pentest Tools Bluekeep
  116. Hacking Tools Name
  117. Underground Hacker Sites
  118. Hack Tools Pc
  119. Hack Tools 2019
  120. Tools 4 Hack
  121. Tools 4 Hack
  122. Hacking Tools Software
  123. Pentest Tools Linux
  124. Pentest Recon Tools
  125. Hacker Tools Mac
  126. Hacking Tools 2020
  127. Pentest Tools Website Vulnerability
  128. Hacking Tools For Games
  129. Black Hat Hacker Tools
  130. Hack Website Online Tool
  131. Hack Tools For Games
  132. Pentest Tools For Android
  133. Hak5 Tools
  134. Hacking Apps
  135. Hacking Tools Windows
  136. Hacking Tools 2020
  137. Pentest Tools Download
  138. Easy Hack Tools
  139. Hacking Tools For Windows 7
  140. Pentest Tools Nmap
  141. Hacker Tools Hardware
  142. Hacking Tools For Windows
  143. Hack And Tools
  144. Pentest Tools Download
  145. Hack Tools For Ubuntu
  146. Hacker Security Tools
  147. Pentest Tools Bluekeep
  148. Pentest Tools Bluekeep
  149. Tools For Hacker
  150. Hacking Tools Github
  151. Hacking Tools For Windows Free Download
  152. Hack Rom Tools
  153. Hacking Tools Github
  154. Pentest Tools For Mac
  155. Hacking Tools Hardware
  156. Pentest Tools Github
  157. Hack Website Online Tool
  158. Hackers Toolbox
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)