WordPress Plugin Flaw Let Attackers Hijack 1m Websites

12 May 2023

The widely-used Elementor plugin, “Essential Addons for Elementor,” has been discovered to have a security flaw that enables unauthorized users to gain administrative control, potentially impacting millions of WordPress websites. PatchStack recently uncovered a critical unauthenticated privilege escalation vulnerability, tracked as CVE-2023-32243, in versions 5.4.0 to 5.7.1 of the Elementor plugin “Essential Addons for Elementor,” enabling potential attackers to reset passwords and gain unauthorized access to administrator accounts.

Read full article on GBHackers

Date:

12 May 2023

Categorie(s):

NEWS

Tag(s):

Content-management Framework, Flaws, Million, Open Source, Open Source Software

Accelerated patching found with CISA KEV catalog-listed flaws3 May 2024
New AI security bill unveiled in Senate3 May 2024
US arrests ex-cyber consultant accused of IT firm extortion3 May 2024
Bug hunters can get up to $450,000 for an RCE in Google’s Android apps3 May 2024
Mounting global ransomware attacks significantly impact US3 May 2024