Saturday, June 3, 2023

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Related posts

  1. Pentest Tools
  2. Hack App
  3. Pentest Tools Framework
  4. Hacking Tools Download
  5. Hack Website Online Tool
  6. Pentest Tools Linux
  7. Hack And Tools
  8. Hack Tools
  9. Hacking Tools Mac
  10. Hacker Tools Github
  11. Hacking Tools Free Download
  12. Pentest Box Tools Download
  13. Hacking Tools For Games
  14. Usb Pentest Tools
  15. Pentest Tools Review
  16. Termux Hacking Tools 2019
  17. Pentest Tools List
  18. Tools Used For Hacking
  19. Hacker Tools Free Download
  20. Hacking Tools Download
  21. Hack Tools 2019
  22. Pentest Tools For Ubuntu
  23. Hacking Tools Pc
  24. Computer Hacker
  25. Hacker
  26. Hack Tool Apk No Root
  27. Hacker Hardware Tools
  28. Tools Used For Hacking
  29. Hacker Tools Linux
  30. Hack Tools Online
  31. Pentest Tools Online
  32. Pentest Tools
  33. Hacker Search Tools
  34. Hacker Search Tools
  35. Pentest Tools
  36. Pentest Reporting Tools
  37. Black Hat Hacker Tools
  38. Hacker Tools Mac
  39. Hack Tools For Pc
  40. Pentest Tools Review
  41. Pentest Tools Url Fuzzer
  42. Beginner Hacker Tools
  43. Tools For Hacker
  44. New Hack Tools
  45. Hacking Tools 2020
  46. Hacking Tools 2019
  47. Pentest Automation Tools
  48. Pentest Tools Github
  49. Pentest Tools Website Vulnerability
  50. Hacker Tools For Mac
  51. Blackhat Hacker Tools
  52. Pentest Tools Port Scanner
  53. Physical Pentest Tools
  54. Top Pentest Tools
  55. Hacking Tools And Software
  56. Bluetooth Hacking Tools Kali
  57. Pentest Reporting Tools
  58. Pentest Tools Website
  59. Hacking Tools 2019
  60. Hacking Tools Mac
  61. New Hacker Tools
  62. Pentest Tools Linux
  63. Hacking Tools Download
  64. Hack Tools Download
  65. Hacking Tools Kit
  66. Best Pentesting Tools 2018
  67. Hacking Tools Hardware
  68. Kik Hack Tools
  69. Hack Tools Download
  70. Hack Tools 2019
  71. Hacker Tools Hardware
  72. Hacking App
  73. Hack Tools Github
  74. Hacker Tools For Windows
  75. Pentest Tools Online
  76. Tools 4 Hack
  77. Hacking Tools For Beginners
  78. Hacker Tools Software
  79. Hacker Tools For Ios
  80. Hacking Tools
  81. Hacking Apps
  82. Hackrf Tools
  83. Blackhat Hacker Tools
  84. Pentest Tools Kali Linux
  85. Hack And Tools
  86. Game Hacking
  87. Hack Tools
  88. Hacker Tools Software
  89. Hacking Tools
  90. Pentest Tools For Ubuntu
  91. Hacking App
  92. Hacking Tools Hardware
  93. Black Hat Hacker Tools
  94. How To Make Hacking Tools
  95. Hack Website Online Tool
  96. Hacking Tools For Pc
  97. Nsa Hack Tools
  98. Hacker Tools For Mac
  99. Best Hacking Tools 2019
  100. Pentest Tools List
  101. Hackers Toolbox
  102. Underground Hacker Sites
  103. Pentest Tools Free
  104. Hacker Tool Kit
  105. Hacker Hardware Tools
  106. Hacking Tools Github
  107. Computer Hacker
  108. Hacker Techniques Tools And Incident Handling
  109. Hacking Tools For Mac
  110. What Is Hacking Tools
  111. Hacker Tools Github
  112. Hack Tools Github
  113. Pentest Tools List
  114. Hacker Security Tools
  115. Free Pentest Tools For Windows
  116. Hackers Toolbox
  117. Underground Hacker Sites
  118. Hack Tool Apk No Root
  119. Hacker Tools Online
  120. Hacker Tools For Pc
  121. Pentest Tools Windows
  122. Easy Hack Tools
  123. Hacker Tools Hardware
  124. Hack Tools 2019
  125. Best Hacking Tools 2019
  126. Tools 4 Hack
  127. Kik Hack Tools
  128. Pentest Tools Bluekeep
  129. Hacking Tools Free Download
  130. Hack Tools Github
  131. Hacker Tool Kit
  132. Hacking Tools For Mac
  133. Pentest Tools Subdomain
  134. How To Make Hacking Tools
  135. Pentest Tools Framework
  136. Hacker Tools For Ios
  137. How To Make Hacking Tools
  138. Black Hat Hacker Tools
  139. Hacker Tools Github
  140. Hack Tools For Pc
  141. Ethical Hacker Tools
  142. Usb Pentest Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)