viernes, 26 de mayo de 2023

Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 


A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

Related news
  1. Android Hack Tools Github
  2. Beginner Hacker Tools
  3. Pentest Tools Website
  4. Hack App
  5. Hak5 Tools
  6. Pentest Tools Review
  7. Hacker Tools Online
  8. Hacker Tool Kit
  9. Hacking Tools And Software
  10. Physical Pentest Tools
  11. Best Hacking Tools 2019
  12. Hacker Tools 2020
  13. Usb Pentest Tools
  14. How To Install Pentest Tools In Ubuntu
  15. Hacking Tools Name
  16. Hacking Tools Online
  17. Underground Hacker Sites
  18. Hack Apps
  19. Hack Tools For Ubuntu
  20. Hack Tools For Pc
  21. Hack And Tools
  22. Pentest Tools Download
  23. Hacker Tools Online
  24. Pentest Tools Apk
  25. Best Hacking Tools 2019
  26. Pentest Automation Tools
  27. Hackrf Tools
  28. Android Hack Tools Github
  29. Hackrf Tools
  30. Pentest Tools Port Scanner
  31. Pentest Tools Tcp Port Scanner
  32. Pentest Tools List
  33. Hacker Tool Kit
  34. Hacking Tools For Pc
  35. Pentest Tools Online
  36. Android Hack Tools Github
  37. Pentest Tools List
  38. Hacking Tools For Beginners
  39. Pentest Tools Find Subdomains
  40. Hacker Tools Mac
  41. Best Hacking Tools 2020
  42. Physical Pentest Tools
  43. Github Hacking Tools
  44. Hacker Hardware Tools
  45. Hacker Techniques Tools And Incident Handling
  46. Hacking App
  47. Hacking Tools Windows 10
  48. Hacking Tools 2020
  49. New Hack Tools
  50. Hacking Tools 2020
  51. Hacker Tools Github
  52. Hack Tool Apk No Root
  53. Pentest Tools For Android
  54. Hacker Tools Free Download
  55. Hacker Tools For Pc
  56. Hack Tools Mac
  57. Pentest Tools Alternative
  58. Tools Used For Hacking
  59. Pentest Tools Subdomain
  60. Hacking Tools Windows
  61. Hacker Tools For Windows
  62. New Hacker Tools
  63. Pentest Tools Windows
  64. Hack Tools For Games
  65. Game Hacking
  66. Hacker Tools Mac
  67. Pentest Tools Subdomain
  68. Tools For Hacker
  69. Hacker Tools Hardware
  70. Hack Tools
  71. Hacking Tools Windows 10
  72. Hacking App
  73. Hack Tools
  74. Tools 4 Hack
  75. Pentest Tools Apk
  76. Best Pentesting Tools 2018
  77. Pentest Tools Free
  78. Hacking Tools And Software
  79. Pentest Tools List
  80. Hack Tools 2019
  81. Pentest Tools Bluekeep
  82. Hacker Tools Free Download
  83. Hack Tools Pc
  84. Hacks And Tools
  85. How To Hack
  86. Pentest Tools Linux
  87. Hacker Tools List
  88. Hack Tools For Pc
  89. Black Hat Hacker Tools
  90. How To Install Pentest Tools In Ubuntu
  91. Hacking Tools Software
  92. Best Pentesting Tools 2018
  93. How To Hack
  94. Hacking Tools
  95. Hack Tools Pc
  96. Bluetooth Hacking Tools Kali
  97. How To Install Pentest Tools In Ubuntu
  98. Best Hacking Tools 2019
  99. Pentest Tools Open Source
  100. Hacker Tools
  101. Hacking Tools Pc
  102. Underground Hacker Sites
  103. Hacking Apps
  104. Hacker Tools 2019
  105. Hacker Tools 2019
  106. Hacker Tools Mac
  107. Hackrf Tools
  108. Hacker Tools List
  109. Hack Apps
  110. Physical Pentest Tools
  111. Hacker Tools Hardware
  112. Hack Apps
  113. Hak5 Tools
  114. Hacker Tools Free Download
  115. Hacker Security Tools
  116. Pentest Reporting Tools
  117. New Hack Tools
  118. Pentest Tools Framework
  119. Blackhat Hacker Tools
  120. Hak5 Tools
  121. Pentest Tools
  122. Top Pentest Tools
  123. Hack Tools Mac
  124. Tools For Hacker
  125. Easy Hack Tools
  126. How To Make Hacking Tools
  127. Nsa Hack Tools Download
  128. Hack Tools For Pc
  129. Hacking Tools Kit
  130. Termux Hacking Tools 2019
  131. Pentest Tools Online
  132. Android Hack Tools Github
  133. Pentest Tools Bluekeep
  134. Hacker Tools Online
  135. Hacker Tools Free Download
  136. Hacker Tools Software
  137. Pentest Tools Url Fuzzer
  138. Hacking Tools And Software
  139. Pentest Tools Tcp Port Scanner
  140. Hacks And Tools
  141. Pentest Tools Port Scanner
  142. Hacker Tools Hardware
  143. Hacks And Tools
  144. Hack Tools For Mac

Publicado por MonteArroyo, Partido Político Independiente en 9:28

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)