Another day, another serious vulnerability in a WordPress plugin, one of the main content management systems today. The gap at the time was in the Essential Addons for Elementor extension, used on more than a million websites to build product pages and galleries; 600,000 users are still vulnerable after the discovery of a breach that allows the insertion of files that may contain malicious code.
The problem appears on sites that have image or product galleries, two core functions of the plugin. The local file inclusion vulnerability was discovered by security researchers at PatchStack and could, for example, allow delivery of a PHP file that would execute code on the domain, redirect users to malicious pages, or insert malware into the system itself using trusted services. to spread malicious campaigns, steal data or spread pests.
According to experts, this is a failure to check and process the data entered by users. The vulnerability was discovered in late January, and by the time the extension’s developers were alerted, they were already working on a fix; after two failed attempts with update patches, the issue has finally been resolved in Essential Addons for Elementor 5.0.5 edition, which prevents malicious file uploads.
Want to stay on top of the best tech news of the day? Access and subscribe to our new youtube channel, Kenyannews News. Every day a summary of the main news from the tech world for you!
The recommendation is an urgent update for all users, since, with the technical disclosure of the breach, the idea is that criminals try to abuse it as long as they can. The total of 600 thousand affected sites comes, precisely, from the percentage of pages that have not yet applied the latest version of the plugin, a process that can be done directly from the WordPress admin panel.
Applying updates to the management system itself and its extensions, by the way, is the main security practice for site administrators. Analyzing user lists and keeping databases and servers secure are also measures that help keep pages safe from external attacks.
