A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.
The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.
"This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack," Patchstack said in a report. "This attack can be used to include local files on the filesystem of the website, such as /etc/passwd. This can also be used to perform RCE by including a file with malicious PHP code that normally cannot be executed."
That said, the vulnerability only exists if widgets like dynamic gallery and product gallery are used, which utilize the vulnerable function, resulting in local file inclusion – an attack technique in which a web application is tricked into exposing or running arbitrary files on the webserver.
The flaw impacts all versions of the addon from 5.0.4 and below, and credited with discovering the vulnerability is researcher Wai Yan Myo Thet. Following responsible disclosure, the security hole was finally plugged in version 5.0.5 released on January 28 "after several insufficient patches."
The development comes weeks after it emerged that unidentified actors tampered with dozens of WordPress themes and plugins hosted on a developer's website to inject a backdoor with the goal of infecting further sites.
Read more- Pentest Tools Android
- Hacking App
- Hacking Tools Free Download
- Hack Website Online Tool
- Hacking Tools 2019
- Hacker Tools
- Pentest Tools Website
- Best Hacking Tools 2020
- Bluetooth Hacking Tools Kali
- Pentest Tools Alternative
- Free Pentest Tools For Windows
- Pentest Tools Subdomain
- Hack Tool Apk
- Hacking Tools 2020
- Pentest Tools Apk
- Hack Tools 2019
- Hack Tools Online
- Pentest Tools
- Hack App
- Hacking Apps
- Hak5 Tools
- Hacker Tools 2020
- Hacking Apps
- Growth Hacker Tools
- Hack Tools Github
- Pentest Tools List
- Hacker Tools 2020
- Hacker Tool Kit
- Hack Tools Download
- Nsa Hacker Tools
- Pentest Tools
- Hacker Tools Online
- Top Pentest Tools
- Hak5 Tools
- Pentest Tools Apk
- Black Hat Hacker Tools
- Hacker Hardware Tools
- Hack Tools For Games
- Pentest Tools For Windows
- Hacking Tools 2020
- Hacking Tools Github
- Hackrf Tools
- Hack Tools Github
- Hacker Tools 2019
- Game Hacking
- Hacker Tools Windows
- Hacker Tool Kit
- Pentest Tools For Windows
- Hack Tools 2019
- What Are Hacking Tools
- Best Hacking Tools 2020
- Best Hacking Tools 2020
- Top Pentest Tools
- What Is Hacking Tools
- Growth Hacker Tools
- Hacker Hardware Tools
- Top Pentest Tools
- Hacking Tools Software
- Kik Hack Tools
- Pentest Tools Port Scanner
- Kik Hack Tools
- Pentest Tools Find Subdomains
- Pentest Tools Free
- Hacking Tools Free Download
- Hack Website Online Tool
- Hack Tools Mac
- Hacker Tools Free Download
- Hack And Tools
- Usb Pentest Tools
- Hacker Tools Hardware
- Pentest Tools For Android
- Pentest Reporting Tools
- Hacker Tools Github
- Pentest Tools Tcp Port Scanner
- Pentest Tools Github
- Hacker Tools List
- Pentest Tools Bluekeep
- Hacking Tools Software
- Hacker Tools 2019
- Hack Tools Download
- Pentest Automation Tools
- Hacker Tools Free Download
- Computer Hacker
- Hacking Tools For Pc
- Hacking Tools Pc
- Hacker Tools Github
- Pentest Tools Port Scanner
- Hacker Tools
- Hacking App
- Hacker Tools Apk
- Nsa Hack Tools Download
- Hacking Tools And Software
- Physical Pentest Tools
- How To Install Pentest Tools In Ubuntu
- Hack And Tools
- Usb Pentest Tools
- Pentest Tools
- Hacking Tools And Software
- Growth Hacker Tools
- Black Hat Hacker Tools
- Tools Used For Hacking
- Hacking Tools Online
- Bluetooth Hacking Tools Kali
- Pentest Tools For Android
- Pentest Tools Kali Linux
- Pentest Tools Website
- Pentest Tools Github
- Hacking Tools Windows 10
- Hacks And Tools
- Pentest Tools Apk
- Hack Tool Apk No Root
- Pentest Recon Tools
- How To Make Hacking Tools
- Hacking Tools For Pc
- Hackers Toolbox
- How To Install Pentest Tools In Ubuntu
- Hacker Tool Kit
- Hacking Tools Hardware
- Pentest Tools Find Subdomains
- Hack Tools For Windows
- Hacker Hardware Tools
- Hacking Tools Software
- Hacker Tools List
- Hacker Tools Apk
- Termux Hacking Tools 2019
- Pentest Tools Review
- Hackrf Tools
- Hack Tools For Mac
- Hacking Tools Github
- Pentest Tools Apk
- Best Hacking Tools 2019
- Tools 4 Hack
- Hacker Tools 2019
- Pentest Tools Find Subdomains
- Hacking Tools For Pc
- Hacker Tools For Windows
- Pentest Tools Github
- Hackrf Tools
- Hacker Tools Free
- Hack And Tools
- Hacking Tools Github
- Hacking Tools Mac
- Hackers Toolbox
- Hack Tools For Games
- Pentest Recon Tools
- Hacker Tools 2019
- Hacker Tools For Ios
- Pentest Tools Download
- Easy Hack Tools
- World No 1 Hacker Software
- Pentest Tools Download
- Hacking Tools Software
- Pentest Tools Download
- Hack Tools For Mac
- Pentest Tools Download
- Black Hat Hacker Tools
- Tools For Hacker
- Pentest Tools Windows
- Nsa Hack Tools
- Tools 4 Hack
- Hacking Tools Software
- Tools For Hacker
- Pentest Recon Tools
- Pentest Tools Website Vulnerability
- Pentest Tools Linux
- Hacking Tools
0 comentários:
Postar um comentário