Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 

A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Read more

1. Hack Tools Download
2. Hacker Tools Free Download
3. Hacker Tool Kit
4. Hack Tools Download
5. Pentest Tools List
6. Hacker Hardware Tools
7. Pentest Tools Github
8. Hacking Tools Name
9. Pentest Box Tools Download
10. Hacker Tools Free Download
11. Pentest Tools Bluekeep
12. Hacker Tools Software
13. Hacker Tools Github
14. World No 1 Hacker Software
15. Nsa Hacker Tools
16. Hacking Tools For Windows
17. Hacker Hardware Tools
18. How To Hack
19. Hacker Tools For Windows
20. Pentest Tools Download
21. Ethical Hacker Tools
22. Pentest Tools Android
23. Hacking Tools Download
24. Hack Tools For Mac
25. Hacking Tools And Software
26. Nsa Hack Tools
27. New Hack Tools
28. Hacker Tools Apk
29. Hack Tools Pc
30. Hacker
31. Pentest Tools Alternative
32. Computer Hacker
33. Pentest Tools Open Source
34. Hacking Tools For Mac
35. Pentest Tools For Ubuntu
36. Hack Tools For Mac
37. Hacker Tools For Ios
38. Hacking Tools For Windows
39. Hacking Tools For Mac
40. Pentest Tools Online
41. Pentest Tools Apk
42. Pentest Tools Find Subdomains
43. Best Hacking Tools 2019
44. Tools 4 Hack
45. Hacker Tools Windows
46. Hacking Tools 2020
47. Hack Tools For Games
48. Pentest Tools For Mac
49. Hacking Tools For Beginners
50. Android Hack Tools Github
51. Hack Rom Tools
52. Hacker Tools For Mac
53. Hack Tools
54. Pentest Tools
55. Hacker Tools Linux
56. Pentest Box Tools Download
57. Tools 4 Hack
58. Kik Hack Tools
59. New Hacker Tools
60. What Is Hacking Tools
61. Pentest Tools For Windows
62. Pentest Tools For Windows
63. Hack Tools Pc
64. Pentest Tools Kali Linux
65. Hack Tools For Windows
66. Hacker Tools For Windows
67. Hacks And Tools
68. Pentest Tools For Ubuntu
69. Hack Tools For Pc
70. Computer Hacker
71. Hacker
72. Game Hacking
73. Github Hacking Tools
74. Blackhat Hacker Tools
75. Pentest Box Tools Download
76. Hack Tools Mac
77. Hacking Tools 2019
78. Pentest Tools Framework
79. Hacking Tools 2020
80. Pentest Tools Linux
81. Hacker Security Tools
82. Hacker Tools For Ios
83. Ethical Hacker Tools
84. Hacks And Tools
85. Hacker Security Tools
86. Hacking Tools Github
87. Hacks And Tools
88. Pentest Tools Url Fuzzer
89. Game Hacking
90. Hack Tools
91. Hack Tools Mac
92. Pentest Tools Bluekeep
93. Hack Tools 2019
94. Hacking Tools For Mac
95. Hacker Search Tools
96. Pentest Tools Android
97. Hacking Tools For Games
98. Hack Tools For Mac
99. Hack Tools Pc
100. Hack Tools For Pc
101. Pentest Tools Free
102. Hacker Tools 2020
103. Hacker Tools 2019
104. New Hacker Tools
105. Hacking Tools For Pc
106. Best Hacking Tools 2020
107. Nsa Hack Tools
108. Hacker Search Tools
109. Usb Pentest Tools
110. Hak5 Tools
111. How To Hack
112. Growth Hacker Tools
113. Pentest Tools Github
114. Hacking Apps
115. Nsa Hack Tools Download
116. Hack Tools For Mac
117. Pentest Tools Tcp Port Scanner
118. Hacker Hardware Tools
119. Hack Rom Tools
120. Nsa Hack Tools Download
121. Kik Hack Tools
122. Hacking App
123. Hack Tool Apk
124. Hack Tools
125. Hack Tools For Ubuntu
126. Hacking Tools For Windows 7
127. Usb Pentest Tools
128. Hacker Tools Free Download
129. Pentest Tools Review
130. Hack And Tools
131. Pentest Tools Kali Linux
132. Hack Tools Pc
133. Hack Tools 2019
134. Hacking Tools Github
135. Bluetooth Hacking Tools Kali
136. Hacking Tools For Windows
137. Underground Hacker Sites
138. Blackhat Hacker Tools
139. Hacking Tools Name
140. Hacking Tools For Windows 7
141. Hacker Tools For Windows
142. Hacking Tools
143. Wifi Hacker Tools For Windows
144. Hacker Tools Free
145. Growth Hacker Tools
146. Hacking Tools For Beginners
147. Hacking Tools Download
148. Hacker Tool Kit
149. Hacking Tools
150. Nsa Hack Tools
151. Hacker Tools List
152. Hack Tools Github
153. Pentest Tools Website Vulnerability