Friday, January 26, 2024

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

More information

  1. Hacker Tools Github
  2. Hacker Tools For Pc
  3. Top Pentest Tools
  4. Pentest Tools Url Fuzzer
  5. Github Hacking Tools
  6. Hacking Tools Online
  7. Computer Hacker
  8. Hacker Tools Apk Download
  9. Pentest Tools Github
  10. Hacker Search Tools
  11. Pentest Tools Website
  12. Hak5 Tools
  13. Pentest Tools Bluekeep
  14. Hack Tools Download
  15. Hack And Tools
  16. Hacker Tools 2020
  17. Pentest Tools Apk
  18. Hacker Tools Online
  19. Hacking Tools Mac
  20. Pentest Box Tools Download
  21. Hacker Tools Apk Download
  22. How To Install Pentest Tools In Ubuntu
  23. Pentest Tools For Mac
  24. Hacker Search Tools
  25. Tools For Hacker
  26. Pentest Tools Website Vulnerability
  27. Pentest Tools For Ubuntu
  28. Hacker Tools 2020
  29. Pentest Automation Tools
  30. Hack Tools 2019
  31. Hacking Tools Name
  32. Bluetooth Hacking Tools Kali
  33. Pentest Tools Framework
  34. Hacker Tools Apk
  35. Nsa Hack Tools Download
  36. Top Pentest Tools
  37. Hack Tool Apk
  38. Blackhat Hacker Tools
  39. Hacking Tools For Windows Free Download
  40. Pentest Tools Online
  41. Hack Tools Github
  42. New Hack Tools
  43. What Is Hacking Tools
  44. Github Hacking Tools
  45. Hacking Tools Pc
  46. Hacking Tools For Pc
  47. Pentest Tools Review
  48. Pentest Recon Tools
  49. Hacker Tools Apk
  50. Pentest Tools For Windows
  51. Hacking Tools For Kali Linux
  52. Pentest Tools Url Fuzzer
  53. Pentest Tools For Windows
  54. Hack Website Online Tool
  55. Bluetooth Hacking Tools Kali
  56. Growth Hacker Tools
  57. Hack Tools For Pc
  58. Pentest Tools Apk
  59. Hack Tools Github
  60. Hacking Tools For Beginners
  61. Hack Tools For Ubuntu
  62. Hacking Tools And Software
  63. Hacking Tools For Pc
  64. Hacker Tools Apk Download
  65. Hak5 Tools
  66. Hack Tool Apk No Root
  67. Hack Tools
  68. Pentest Tools Find Subdomains
  69. What Are Hacking Tools
  70. Hacking Tools Name
  71. Kik Hack Tools
  72. Hacker Tools Free Download
  73. Hack Tools For Pc
  74. How To Make Hacking Tools
  75. World No 1 Hacker Software
  76. Hacking Tools Windows 10
  77. Pentest Tools Tcp Port Scanner
  78. Tools Used For Hacking
  79. Hacking Tools 2019
  80. Pentest Tools Framework
  81. Pentest Tools Url Fuzzer
  82. Hacking Tools For Windows
  83. Pentest Tools Tcp Port Scanner
  84. Hak5 Tools
  85. Black Hat Hacker Tools
  86. Pentest Tools For Android
  87. Hack App
  88. Hacking Tools Name
  89. Pentest Tools Download
  90. Hack Tools 2019
  91. Hacker Tools 2020
  92. Hack Apps
  93. Pentest Tools Open Source
  94. Free Pentest Tools For Windows
  95. Pentest Tools Windows
  96. Hacking Tools Windows 10
  97. Computer Hacker
  98. Hacker Tools For Windows
  99. Hacker Tools Mac
  100. Physical Pentest Tools
  101. Usb Pentest Tools
  102. Hacker Tool Kit
  103. New Hack Tools
  104. Computer Hacker
  105. Hack Tools Github
  106. Pentest Tools For Ubuntu
  107. Hacking Tools Usb
  108. Hacker Tools Free
  109. Pentest Tools Nmap
  110. Hack Tools Pc
  111. Pentest Tools Review
  112. Pentest Tools Online
  113. Hacking Tools Online
  114. Hacking Tools 2019
  115. Pentest Tools Alternative
  116. Hack Tools Pc
  117. Black Hat Hacker Tools
  118. Hack Apps
  119. Pentest Tools Alternative
  120. Hack Tool Apk
  121. Hack Tools Mac
  122. Hack Tools For Mac
  123. Hacking Tools Free Download
  124. Tools 4 Hack
at

No comments:

Post a Comment