The widely-used Elementor plugin, “Essential Addons for Elementor,” has been discovered to have a security flaw that enables unauthorized users to gain administrative control, potentially impacting millions of WordPress websites. PatchStack recently uncovered a critical unauthenticated privilege escalation vulnerability, tracked as CVE-2023-32243, in versions 5.4.0 to 5.7.1 of the Elementor plugin “Essential Addons for Elementor,” enabling potential attackers to reset passwords and gain unauthorized access to administrator accounts.
Read full article on GBHackers