Critical Bug Found In WordPress Plugin For Elementor With Over A Million Installations

 

A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."

That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.

The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."

The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.

More information

1. Hacker Tools Apk Download
2. Hacker Tools For Ios
3. Usb Pentest Tools
4. Best Hacking Tools 2020
5. Pentest Tools Url Fuzzer
6. Hack Tools Pc
7. Hacking Tools Usb
8. Pentest Automation Tools
9. Hacking Tools Pc
10. Hacking Tools Pc
11. Usb Pentest Tools
12. Hacking Tools Pc
13. Hack Rom Tools
14. Hack Tools Pc
15. Pentest Tools Url Fuzzer
16. Hack Tools 2019
17. Pentest Tools Website Vulnerability
18. Tools Used For Hacking
19. Hack Tools
20. Hacking Tools Windows
21. Hack Tools For Ubuntu
22. Hack Apps
23. Tools For Hacker
24. Hacker Search Tools
25. Wifi Hacker Tools For Windows
26. How To Make Hacking Tools
27. Tools 4 Hack
28. Hacking Tools For Windows
29. Pentest Tools For Windows
30. How To Install Pentest Tools In Ubuntu
31. Hack Tools Github
32. Pentest Tools Kali Linux
33. Pentest Tools Framework
34. Pentest Box Tools Download
35. Hack Tools
36. Pentest Tools Url Fuzzer
37. Hacker Tools Github
38. Pentest Tools Website
39. Game Hacking
40. Hackrf Tools
41. Hack Tools Github
42. Hack Apps
43. Hacking Tools And Software
44. World No 1 Hacker Software
45. Hacker
46. Hacking Tools For Pc
47. Physical Pentest Tools
48. Termux Hacking Tools 2019
49. Hacking Tools For Kali Linux
50. Pentest Tools For Mac
51. Hacker Tools Windows
52. Pentest Tools Kali Linux
53. Hacking Tools Name
54. How To Hack
55. Kik Hack Tools
56. Hack Tool Apk No Root
57. Hacking App
58. Underground Hacker Sites
59. Hack Apps
60. Hack Apps
61. Pentest Tools Android
62. Hacker Tools For Ios
63. Hacking App
64. Ethical Hacker Tools
65. Pentest Tools Nmap
66. Top Pentest Tools
67. Hack Tools Download
68. Tools Used For Hacking
69. Pentest Tools
70. Blackhat Hacker Tools
71. Hacker Tools Apk
72. Underground Hacker Sites
73. Hacking Tools Download
74. Hacking Tools Free Download
75. Pentest Tools Free
76. How To Hack
77. Pentest Tools Bluekeep
78. Hacker Tools Online
79. Easy Hack Tools
80. Growth Hacker Tools
81. Nsa Hack Tools
82. Pentest Tools Port Scanner
83. Pentest Tools Review
84. Hacking App
85. How To Hack
86. Install Pentest Tools Ubuntu
87. Hak5 Tools
88. Hacking Tools For Pc
89. What Are Hacking Tools
90. Hackers Toolbox
91. Hak5 Tools
92. Pentest Tools Download
93. Hacking Tools Usb
94. Pentest Tools Nmap
95. Android Hack Tools Github
96. Pentest Tools Tcp Port Scanner
97. Hacker Tools For Windows
98. Hack Tools
99. Hack Tools 2019
100. How To Make Hacking Tools
101. Hack Tools Online
102. Pentest Recon Tools
103. Pentest Tools Framework
104. Pentest Tools Subdomain
105. Hacking Tools For Pc
106. Pentest Tools For Ubuntu
107. Best Hacking Tools 2019
108. Hacker Tools 2019
109. Hacking Tools Kit
110. Hacker Security Tools
111. Pentest Tools Apk
112. Pentest Tools Find Subdomains
113. How To Install Pentest Tools In Ubuntu
114. Nsa Hack Tools Download
115. Github Hacking Tools
116. Hack Website Online Tool
117. Pentest Tools Framework
118. Hacking Tools Online
119. Best Hacking Tools 2020
120. Hacking App
121. New Hack Tools
122. Best Hacking Tools 2020
123. Hacker Tools Software
124. Hack Tools Github
125. World No 1 Hacker Software
126. Hacking Apps
127. Hacker Tool Kit
128. Usb Pentest Tools
129. Pentest Tools Android
130. Hack Tool Apk
131. Hacking Tools Download
132. Hack Tools
133. Pentest Tools Website
134. Hacker Tools For Windows
135. Pentest Tools Linux
136. Bluetooth Hacking Tools Kali
137. Hack Tools Pc
138. Hacking Tools Free Download
139. Game Hacking