Ir al contenido principal

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Read more


  1. Hack Tools Download
  2. Hacker Tools Free Download
  3. Hacker Tool Kit
  4. Hack Tools Download
  5. Pentest Tools List
  6. Hacker Hardware Tools
  7. Pentest Tools Github
  8. Hacking Tools Name
  9. Pentest Box Tools Download
  10. Hacker Tools Free Download
  11. Pentest Tools Bluekeep
  12. Hacker Tools Software
  13. Hacker Tools Github
  14. World No 1 Hacker Software
  15. Nsa Hacker Tools
  16. Hacking Tools For Windows
  17. Hacker Hardware Tools
  18. How To Hack
  19. Hacker Tools For Windows
  20. Pentest Tools Download
  21. Ethical Hacker Tools
  22. Pentest Tools Android
  23. Hacking Tools Download
  24. Hack Tools For Mac
  25. Hacking Tools And Software
  26. Nsa Hack Tools
  27. New Hack Tools
  28. Hacker Tools Apk
  29. Hack Tools Pc
  30. Hacker
  31. Pentest Tools Alternative
  32. Computer Hacker
  33. Pentest Tools Open Source
  34. Hacking Tools For Mac
  35. Pentest Tools For Ubuntu
  36. Hack Tools For Mac
  37. Hacker Tools For Ios
  38. Hacking Tools For Windows
  39. Hacking Tools For Mac
  40. Pentest Tools Online
  41. Pentest Tools Apk
  42. Pentest Tools Find Subdomains
  43. Best Hacking Tools 2019
  44. Tools 4 Hack
  45. Hacker Tools Windows
  46. Hacking Tools 2020
  47. Hack Tools For Games
  48. Pentest Tools For Mac
  49. Hacking Tools For Beginners
  50. Android Hack Tools Github
  51. Hack Rom Tools
  52. Hacker Tools For Mac
  53. Hack Tools
  54. Pentest Tools
  55. Hacker Tools Linux
  56. Pentest Box Tools Download
  57. Tools 4 Hack
  58. Kik Hack Tools
  59. New Hacker Tools
  60. What Is Hacking Tools
  61. Pentest Tools For Windows
  62. Pentest Tools For Windows
  63. Hack Tools Pc
  64. Pentest Tools Kali Linux
  65. Hack Tools For Windows
  66. Hacker Tools For Windows
  67. Hacks And Tools
  68. Pentest Tools For Ubuntu
  69. Hack Tools For Pc
  70. Computer Hacker
  71. Hacker
  72. Game Hacking
  73. Github Hacking Tools
  74. Blackhat Hacker Tools
  75. Pentest Box Tools Download
  76. Hack Tools Mac
  77. Hacking Tools 2019
  78. Pentest Tools Framework
  79. Hacking Tools 2020
  80. Pentest Tools Linux
  81. Hacker Security Tools
  82. Hacker Tools For Ios
  83. Ethical Hacker Tools
  84. Hacks And Tools
  85. Hacker Security Tools
  86. Hacking Tools Github
  87. Hacks And Tools
  88. Pentest Tools Url Fuzzer
  89. Game Hacking
  90. Hack Tools
  91. Hack Tools Mac
  92. Pentest Tools Bluekeep
  93. Hack Tools 2019
  94. Hacking Tools For Mac
  95. Hacker Search Tools
  96. Pentest Tools Android
  97. Hacking Tools For Games
  98. Hack Tools For Mac
  99. Hack Tools Pc
  100. Hack Tools For Pc
  101. Pentest Tools Free
  102. Hacker Tools 2020
  103. Hacker Tools 2019
  104. New Hacker Tools
  105. Hacking Tools For Pc
  106. Best Hacking Tools 2020
  107. Nsa Hack Tools
  108. Hacker Search Tools
  109. Usb Pentest Tools
  110. Hak5 Tools
  111. How To Hack
  112. Growth Hacker Tools
  113. Pentest Tools Github
  114. Hacking Apps
  115. Nsa Hack Tools Download
  116. Hack Tools For Mac
  117. Pentest Tools Tcp Port Scanner
  118. Hacker Hardware Tools
  119. Hack Rom Tools
  120. Nsa Hack Tools Download
  121. Kik Hack Tools
  122. Hacking App
  123. Hack Tool Apk
  124. Hack Tools
  125. Hack Tools For Ubuntu
  126. Hacking Tools For Windows 7
  127. Usb Pentest Tools
  128. Hacker Tools Free Download
  129. Pentest Tools Review
  130. Hack And Tools
  131. Pentest Tools Kali Linux
  132. Hack Tools Pc
  133. Hack Tools 2019
  134. Hacking Tools Github
  135. Bluetooth Hacking Tools Kali
  136. Hacking Tools For Windows
  137. Underground Hacker Sites
  138. Blackhat Hacker Tools
  139. Hacking Tools Name
  140. Hacking Tools For Windows 7
  141. Hacker Tools For Windows
  142. Hacking Tools
  143. Wifi Hacker Tools For Windows
  144. Hacker Tools Free
  145. Growth Hacker Tools
  146. Hacking Tools For Beginners
  147. Hacking Tools Download
  148. Hacker Tool Kit
  149. Hacking Tools
  150. Nsa Hack Tools
  151. Hacker Tools List
  152. Hack Tools Github
  153. Pentest Tools Website Vulnerability

Comentarios

Publicar un comentario

Entradas populares de este blog

Stocks making the biggest moves midday: L Brands, Estee Lauder, CureVac, Tesla & more

Stocks making the biggest moves midday: L Brands, Estee Lauder, CureVac, Tesla & more This is a developing news story. Please check back for updates: https://www.cnbc.com/2020/08/20/stocks-making-the-biggest-moves-midday-l-brands-estee-lauder-curevac-tesla-more.html Follow @CNBCnow for breaking news and real-time market updates Unsubscribe Manage Newsletters Terms of Service Join the CNBC Panel   Digital Products Feedback Privacy Policy CNBC Events   © 2020 CNBC LLC. All rights reserved. A property of NBCUniversal. 900 Sylvan Avenue, Englewood Cliffs, NJ 07632 D
Publicar un comentario
Leer más

13 Foods That (Basically) Never Spoil

13 Foods That (Basically) Never Spoil Get the Magazine 13 Foods That (Basically) Never Spoil Read More »
Publicar un comentario
Leer más

Another S&P 500 record as month-end nears | Paypal to offer stock trading? | The end of the 20-year Afghanistan war

The S&P 500 set another record high on Monday as the market continued to rise in the final days of August. VIEW IN BROWSER | SUBSCRIBE MON, AUG 30, 2021 EVENING BRIEF   AS OF MON, AUG 30, 2021 • 04:51 ET DJIA 35399.84 -0.16% -55.96 S&P 500 4528.79 +0.43% +19.42 NASDAQ 15265.89 +0.90% +136.39   Most Active DOW NAME LAST CHG %CHG AAPL 153.12 +4.52 +3.04% MSFT 303.59 +3.87 +1.29% INTC
Publicar un comentario
Leer más