Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

More information


  1. Pentest Tools Website
  2. Pentest Tools Bluekeep
  3. Hacking Tools Free Download
  4. Pentest Tools Linux
  5. Hack Tools Pc
  6. Hack Tools Pc
  7. Easy Hack Tools
  8. Tools Used For Hacking
  9. Hacker Hardware Tools
  10. Hacker Tools Free
  11. Hackrf Tools
  12. Hacker Tools Apk Download
  13. Free Pentest Tools For Windows
  14. Hacker Search Tools
  15. Hack Tools For Windows
  16. Pentest Tools List
  17. Hack Tools Pc
  18. Growth Hacker Tools
  19. Hack Tools Github
  20. Pentest Automation Tools
  21. Hacking Tools Windows
  22. Hacker Tools Free Download
  23. Hacker Techniques Tools And Incident Handling
  24. Hacker Tools Free
  25. Hacker Tools Free Download
  26. Hacker Tools Windows
  27. Hacking Tools Kit
  28. Hack Tools For Windows
  29. Hack Tools
  30. Hacking Tools And Software
  31. Termux Hacking Tools 2019
  32. Pentest Tools Tcp Port Scanner
  33. Wifi Hacker Tools For Windows
  34. Best Hacking Tools 2019
  35. Pentest Tools Find Subdomains
  36. Hack Tools Pc
  37. Hack Tools Mac
  38. Hack Website Online Tool
  39. Termux Hacking Tools 2019
  40. Bluetooth Hacking Tools Kali
  41. Hack Tools 2019
  42. Pentest Tools Free
  43. Termux Hacking Tools 2019
  44. Hacker Tools Free Download
  45. Pentest Tools Subdomain
  46. Hackers Toolbox
  47. What Is Hacking Tools
  48. Bluetooth Hacking Tools Kali
  49. Hacker Tools
  50. Hacker Tools Free
  51. Hacking Tools 2019
  52. Pentest Tools Subdomain
  53. Hacker Tools List
  54. Game Hacking
  55. Hacker Tools For Ios
  56. Hack Website Online Tool
  57. Hacking Tools Name
  58. Best Hacking Tools 2019
  59. Hacker Tools For Mac
  60. Hak5 Tools
  61. Pentest Tools Website
  62. Android Hack Tools Github
  63. Tools For Hacker
  64. Hacker Tools Software
  65. Hacking Tools Github
  66. Wifi Hacker Tools For Windows
  67. Ethical Hacker Tools
  68. Android Hack Tools Github
  69. Hacker Tools For Windows
  70. Hack Tools For Games
  71. Hacking Tools Mac
  72. Hack Tools
  73. Nsa Hacker Tools
  74. Pentest Box Tools Download
  75. Nsa Hacker Tools
  76. Wifi Hacker Tools For Windows
  77. Black Hat Hacker Tools
  78. Hack Tools Online
  79. Hackers Toolbox
  80. Hack Tools For Mac
  81. Pentest Tools For Android
  82. Pentest Tools Review
  83. Hacker Tools List
  84. Pentest Tools Website Vulnerability
  85. Hacking Tools
  86. Pentest Reporting Tools
  87. Wifi Hacker Tools For Windows
  88. Hacking Tools For Pc
  89. Hack Tools For Windows
  90. Hack Tools
  91. Black Hat Hacker Tools
  92. Top Pentest Tools
  93. Tools Used For Hacking
  94. Hack Tool Apk No Root
  95. Hack Tools For Windows
  96. Hacking Tools For Pc
  97. What Are Hacking Tools
  98. Physical Pentest Tools
  99. Pentest Tools Alternative
  100. Hacks And Tools
  101. Hack Tools Github
  102. Hack Tool Apk
  103. How To Hack
  104. Hack Tools For Pc
  105. Best Hacking Tools 2020
  106. Hacking Tools Hardware
  107. Hacker Tool Kit
  108. Black Hat Hacker Tools
  109. Hacks And Tools
  110. Pentest Tools Framework
  111. Hack And Tools
  112. Computer Hacker
  113. Hack Tools Online
  114. Hack Apps
  115. Termux Hacking Tools 2019
  116. Hack Apps
  117. Pentest Tools Tcp Port Scanner
  118. Hack Tool Apk
  119. Wifi Hacker Tools For Windows
  120. Hacker Tools Apk Download
  121. Pentest Tools Port Scanner
  122. New Hacker Tools
  123. How To Hack
  124. Hacking Tools Usb
  125. Hacking Tools Download
  126. Hack Apps
  127. Pentest Tools For Ubuntu
  128. Hacker Techniques Tools And Incident Handling
  129. Hacker Tools Online
  130. Hack Tools Github
  131. Pentest Tools
  132. Hack Tools Online
  133. Hacking App
  134. Hack Tool Apk
  135. Pentest Reporting Tools
  136. Pentest Tools Linux
  137. Hacking Tools Windows
  138. Hacker Tool Kit
  139. Hacker Search Tools

Sem comentários:

Enviar um comentário

Subscrever: Enviar feedback (Atom)