Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations
A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.
The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.
"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."
That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.
The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."
The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.
Read more- Hacking Tools Name
- Pentest Tools Download
- Hacking Tools Kit
- How To Install Pentest Tools In Ubuntu
- New Hacker Tools
- Pentest Reporting Tools
- Hacker Hardware Tools
- What Is Hacking Tools
- Hacking Tools Name
- Hack Tools For Mac
- Hacker Tools List
- Hack Website Online Tool
- Hack Tool Apk
- Hacking Apps
- Hackers Toolbox
- Hacker Tools Hardware
- Hack Tools For Windows
- Android Hack Tools Github
- Pentest Tools Apk
- Hack Tools
- Hacker Tools Online
- New Hacker Tools
- How To Make Hacking Tools
- Tools Used For Hacking
- Hacking Tools For Windows
- Underground Hacker Sites
- Pentest Tools Free
- Hacking Tools Pc
- Hacking App
- Pentest Tools Kali Linux
- Hacking Tools And Software
- Best Hacking Tools 2020
- Hacker Tools Linux
- Nsa Hack Tools
- Hack Website Online Tool
- Pentest Tools Bluekeep
- Hacker Tool Kit
- Hacking Tools For Mac
- Tools Used For Hacking
- Github Hacking Tools
- Pentest Tools Find Subdomains
- Android Hack Tools Github
- Hacker Tool Kit
- Beginner Hacker Tools
- Hacking Tools For Windows Free Download
- Pentest Tools For Mac
- Pentest Tools Find Subdomains
- Free Pentest Tools For Windows
- Pentest Tools Apk
- Pentest Tools List
- Hackers Toolbox
- Pentest Reporting Tools
- Hacking Tools Software
- Game Hacking
- Hacker Techniques Tools And Incident Handling
- Pentest Box Tools Download
- Pentest Reporting Tools
- Pentest Automation Tools
- Hacker Tools For Pc
- Kik Hack Tools
- Hack Tools For Games
- Hack Website Online Tool
- Tools Used For Hacking
- Hak5 Tools
- Hacking Tools Windows 10
- Pentest Tools Alternative
- Pentest Tools Download
- Hacking Tools 2020
- Pentest Tools Website Vulnerability
- Pentest Tools Apk
- Pentest Tools Alternative
- Pentest Tools Nmap
- New Hack Tools
- Wifi Hacker Tools For Windows
- Kik Hack Tools
- Hacker Tools Windows
- Hacker Tools 2019
- Tools For Hacker
- Pentest Tools Website Vulnerability
- Hacking Tools And Software
- Hack Tools
- World No 1 Hacker Software
- Growth Hacker Tools
- Pentest Tools Online
- Pentest Tools Bluekeep
- Pentest Tools Port Scanner
- Easy Hack Tools
- Hacking Tools For Beginners
- Kik Hack Tools
- Beginner Hacker Tools
- Hacker Hardware Tools
- Hacker Tools 2019
- Hacking Tools 2019
- Blackhat Hacker Tools
- Pentest Tools Url Fuzzer
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Download
- Kik Hack Tools
- Hacking Tools Free Download
- Hack Tools Download
- Growth Hacker Tools
- Hack Tools Github
- Pentest Tools Nmap
- Hacking Tools Usb
- Pentest Tools Open Source
- Best Hacking Tools 2020
- Pentest Tools Free
- World No 1 Hacker Software
- Nsa Hack Tools
- Pentest Tools Download
- Hacking Tools For Beginners
- Pentest Recon Tools
- Hacking Tools Windows 10
- Tools 4 Hack
- Hacker Hardware Tools
- Nsa Hack Tools Download
- Github Hacking Tools
- Hacker Tools Github
- How To Make Hacking Tools
- Pentest Tools Apk
- Hacker Tools For Windows
- Pentest Tools Url Fuzzer
- Top Pentest Tools
- Install Pentest Tools Ubuntu
- Wifi Hacker Tools For Windows
- Pentest Tools Android
- Hacker Tools Free Download
- Pentest Tools Alternative
- Hacker Tools Linux
- How To Install Pentest Tools In Ubuntu
- Hacking Tools Usb
- Hacks And Tools
- Hacking App
- Hack Tools For Windows
- Hacker Tools Mac
- Hacking Tools Free Download
- Hacker Tools Linux
- Pentest Tools List
- Bluetooth Hacking Tools Kali
- Hacker Tools 2020
- Hacking Tools Download
- Hack Tools Online
- Install Pentest Tools Ubuntu
- Hacking Apps
- Hacking Tools Kit
- Hack Tools Github
- Black Hat Hacker Tools
- Hacking Tools Kit
- Hacker Tools Apk
- Hacker Search Tools
- Computer Hacker
- Hack Tools Download
- How To Install Pentest Tools In Ubuntu
- Hacker Tools Windows
- Pentest Tools Download
- Hacking Tools For Windows
- Hacking Tools For Games
- Hacking Tools Pc
- Pentest Recon Tools
- How To Install Pentest Tools In Ubuntu
posted by Affiliate Marketer @ 9:36 AM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home