Sunday, May 28, 2023

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Read more


  1. Hacking App
  2. How To Install Pentest Tools In Ubuntu
  3. Pentest Tools Download
  4. Pentest Tools Open Source
  5. Hacker Tools Github
  6. Hack Tools For Windows
  7. Hacker Tools Windows
  8. Pentest Tools
  9. Hacking Tools For Mac
  10. Hacker Tools Windows
  11. Pentest Tools Download
  12. New Hack Tools
  13. Hacker Tools Mac
  14. Hacker Tools Apk
  15. Tools 4 Hack
  16. Hacker Tools Apk
  17. How To Hack
  18. Physical Pentest Tools
  19. Nsa Hack Tools
  20. Pentest Tools Kali Linux
  21. Hacking Tools For Windows Free Download
  22. World No 1 Hacker Software
  23. Computer Hacker
  24. Hack Tools
  25. Github Hacking Tools
  26. Pentest Tools
  27. Game Hacking
  28. Hacker Tools Apk Download
  29. Best Hacking Tools 2020
  30. Pentest Tools Android
  31. Pentest Tools Website Vulnerability
  32. Hacking Tools 2020
  33. Hack Tools Github
  34. Pentest Tools Website
  35. Hack App
  36. Pentest Tools
  37. Pentest Tools Port Scanner
  38. Hack Tools
  39. Hacking Tools Name
  40. Pentest Tools Framework
  41. Easy Hack Tools
  42. Pentest Tools Alternative
  43. Pentest Tools
  44. Growth Hacker Tools
  45. Pentest Tools List
  46. Pentest Tools Linux
  47. Install Pentest Tools Ubuntu
  48. Pentest Tools Url Fuzzer
  49. Pentest Tools For Android
  50. What Is Hacking Tools
  51. Pentest Tools Nmap
  52. Hacker
  53. Hacking Tools For Windows 7
  54. Github Hacking Tools
  55. Hacking Tools For Mac
  56. Pentest Tools Linux
  57. Hacking Tools Mac
  58. Pentest Tools Subdomain
  59. Pentest Tools Bluekeep
  60. Physical Pentest Tools
  61. Pentest Tools
  62. Game Hacking
  63. Hacking Tools Online
  64. Hacking Tools For Mac
  65. Hacker Security Tools
  66. Top Pentest Tools
  67. Pentest Tools For Mac
  68. Pentest Automation Tools
  69. Hack Tools For Windows
  70. Pentest Tools Review
  71. Hacker Security Tools
  72. Hacker Tools List
  73. Free Pentest Tools For Windows
  74. Hacker Tools Apk Download
  75. Hack Apps
  76. Hack Website Online Tool
  77. Hacking Tools For Games
  78. Tools For Hacker
  79. Hack Tools For Pc
  80. Hack Apps
  81. Pentest Tools Framework
  82. Pentest Tools
  83. Hacker Tools Free Download
  84. Hacker
  85. Pentest Tools Tcp Port Scanner
  86. Hack Tools For Pc
  87. Hacker Tools For Ios
  88. World No 1 Hacker Software
  89. Pentest Tools Website
  90. Hack Tools 2019
  91. Hacking Tools For Pc
  92. Hacking Tools Github
  93. Hack Tools Mac
  94. Hacker Tools Apk
  95. Hack Tool Apk No Root
  96. Hacker Tools For Windows
  97. Pentest Tools Port Scanner
  98. Hack Tools Mac
  99. Hack Tools For Games
  100. Free Pentest Tools For Windows
  101. Hacking Tools For Mac
  102. Hack Tools
  103. Pentest Tools Url Fuzzer
  104. Hacking Tools Windows
  105. Hacking Tools For Windows Free Download
  106. Hacker Hardware Tools
  107. Nsa Hack Tools Download
  108. Hacker Techniques Tools And Incident Handling
  109. Hacking Tools Windows
  110. Hacker Tool Kit
  111. Hacker Security Tools
  112. Hacking Tools Usb
  113. Pentest Tools Download
  114. Hack Tools 2019
  115. New Hack Tools
  116. Hack Tool Apk No Root
  117. Hack Tools For Ubuntu
  118. New Hack Tools
  119. Hacker Tools Software
  120. Pentest Tools Bluekeep
  121. Hacking Tools For Games
  122. Free Pentest Tools For Windows
  123. Hacking Tools And Software
  124. Hacking App
  125. Hack Rom Tools
  126. Hacker Tools
  127. Hack And Tools
  128. Hacking Tools 2019
  129. Pentest Tools Download
  130. Hacker Search Tools
  131. Hack Tools
  132. Hack Tools For Pc
  133. Physical Pentest Tools
  134. Hacking Tools For Kali Linux
  135. Pentest Tools List
  136. Pentest Tools Open Source
  137. Tools Used For Hacking
  138. Hacker Techniques Tools And Incident Handling
  139. Hacking Tools
  140. Blackhat Hacker Tools
  141. Hacker Tools For Pc
  142. Hack Tools Online
  143. Hacking Tools For Kali Linux
  144. Hack Tools Github
  145. Hacking Tools For Windows
  146. Pentest Tools Open Source
  147. Pentest Automation Tools
  148. Hacking Tools 2019
Posted by at

No comments:

Post a Comment

Have something to say about one of the videos or blogs, well here is a chance to do that now!!! Yes, you can do it, you know you can!!!!!

Subscribe to: Post Comments (Atom)