Saturday, January 27, 2024

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Related news


  1. Hacking Tools Windows 10
  2. Nsa Hack Tools Download
  3. Hacking Apps
  4. Hack Tools For Pc
  5. Hacker Search Tools
  6. Hacker
  7. Hacker Tools Free
  8. Hacker Tools Online
  9. Hack Apps
  10. Hack Tools Mac
  11. Pentest Tools Github
  12. New Hacker Tools
  13. World No 1 Hacker Software
  14. Hacking Tools For Games
  15. Hackers Toolbox
  16. Pentest Tools Windows
  17. Hack Tools Pc
  18. Hack Tool Apk
  19. Hacker Tools For Windows
  20. Hacker Tools Software
  21. Easy Hack Tools
  22. Hacker Tools
  23. Hacking Tools Windows
  24. Hacker Tools Free Download
  25. Pentest Tools Review
  26. Hack And Tools
  27. Hack Tools For Ubuntu
  28. Pentest Recon Tools
  29. Tools For Hacker
  30. Hacker Tools Linux
  31. Hacking Tools Name
  32. Hacking Tools Download
  33. Hacker
  34. Hack Apps
  35. Hacking Tools Free Download
  36. Hacking Tools For Windows
  37. Hacker Tools Linux
  38. Pentest Tools Github
  39. Hack Tools
  40. Hacker Tools Apk
  41. Hack Tools
  42. Hacker Tools
  43. Hack Tools For Games
  44. Hacker Tools 2020
  45. World No 1 Hacker Software
  46. Tools For Hacker
  47. Pentest Tools Open Source
  48. Hack Website Online Tool
  49. Best Hacking Tools 2019
  50. Hacker Tools 2020
  51. Pentest Tools Framework
  52. Termux Hacking Tools 2019
  53. Hack Tools Online
  54. Kik Hack Tools
  55. World No 1 Hacker Software
  56. Black Hat Hacker Tools
  57. Hacking Tools
  58. Hacking Tools And Software
  59. Hacker Tools Free
  60. Hack Tools Mac
  61. Hack And Tools
  62. Hacking Tools Windows
  63. Hacking Tools Usb
  64. Free Pentest Tools For Windows
  65. Hacker Tools Mac
  66. Nsa Hacker Tools
  67. Hack Tools For Ubuntu
  68. Hacks And Tools
  69. Hack Tools For Windows
  70. Hacking Tools Windows 10
  71. Hackrf Tools
  72. Easy Hack Tools
  73. Nsa Hacker Tools
  74. Hacker Tools List
  75. Hacker Tools For Ios
  76. Hacking Tools Pc
  77. Hacking Tools For Windows 7
  78. Black Hat Hacker Tools
  79. Hak5 Tools
  80. Github Hacking Tools
  81. Kik Hack Tools
  82. Hacker Tools Github
  83. Hacker Tools Online
  84. Pentest Tools Subdomain
  85. Hacker Tools Hardware
  86. Hacking Tools Mac
  87. Hacker Tools Software
  88. Pentest Tools Kali Linux
  89. Hacker Tools Apk Download
  90. Hacker
  91. Usb Pentest Tools
  92. Pentest Tools Apk
  93. Hacker Tools Windows
  94. Hacker Tools For Windows
  95. Hackrf Tools
  96. Hacking Tools For Windows
  97. Pentest Box Tools Download
  98. Hacker Tools For Windows
  99. Hack Tools For Ubuntu
  100. Hacker Tools Windows
  101. Hacking Tools 2020
  102. Bluetooth Hacking Tools Kali
  103. Hack Apps
  104. Blackhat Hacker Tools
  105. Hacker Tool Kit
  106. Hacker Tools Online
  107. Hacker Tools Online
  108. Hacking Tools Download
  109. Ethical Hacker Tools
  110. Pentest Tools Port Scanner
  111. Hack App
  112. Hacking Tools For Pc
  113. Hacking Tools Windows 10
  114. Pentest Tools Apk
  115. Pentest Tools Website Vulnerability
  116. Growth Hacker Tools
  117. Hacking App
  118. New Hack Tools
  119. Hacker Tools List
  120. Hacker Search Tools
  121. Pentest Tools Bluekeep
  122. Hacking Tools Download
  123. Hacking Tools Software
  124. What Is Hacking Tools
  125. Bluetooth Hacking Tools Kali
  126. Hack Tools 2019
  127. Hack Tools For Windows
  128. Kik Hack Tools
  129. Hacker Tools 2019
  130. Black Hat Hacker Tools
  131. Hacking Tools Download
  132. Underground Hacker Sites
  133. Hacking Tools Kit
  134. Hacking Tools Download
  135. Hack App
  136. Hacker Tools Software
  137. Pentest Tools Open Source
  138. What Are Hacking Tools
  139. What Is Hacking Tools
  140. Free Pentest Tools For Windows
  141. Hack Tools For Windows

No comments:

Post a Comment