WordPress Pugin Vulnerability Puts Millions Of Websites At Risk

2868 Views

Elementor Pro is a famous plugin which is running on more than 11 million WordPress sites at the moment. This plugin allows developers to create exquisite websites, enabling a handful of features. In a shocking revelation, it has been discovered that there is an extremely critical vulnerability in Elementor Pro which allows perpetrators to gain complete control of any WordPress site using this extension.

As per the sources, this vulnerability was first discovered by a NinTechNet researcher named Jerome Bruandet. Meanwhile, other researchers have also highlighted the fact that this vulnerability is currently under exploitation from attackers with compromised files uploaded to several websites.

About the issue itself, the said vulnerability is the result of a broken access control on the WooCommerce plugin module. This vulnerability allows unauthorized users to modify the WordPress database with serious consequences. Bruandet revealed in his blog that this flaw allows any authenticated or unauthorized person to leverage the vulnerability and create an administrator account to elevate privileges. In order for this vulnerability to be exploited, a combination of Elementor Pro and and WooCommerce plugins must be installed on the WordPress site.

Acknowledging the presence of this lethal vulnerability, the developer of Elementor acted swiftly and released a patch in the version 3.11.7 to counter the threat. But the problem is far from over.

Not all users and developers have upgraded their WordPress sites and any website using an Elementor version 3.11.6 or lower has a potentially dangerous flaw that can be exploited by hackers with catastrophic outcomes.

Recent Posts

The Future of Mobile Apps with AI and Machine Learning

The mobile app landscape is undergoing a dramatic transformation, and at the heart of this change lies Artificial Intelligence (AI) and Machine Learning (ML). Once considered futuristic, these technologies are now embedded into everyday applications, influencing how we shop, work, travel, and connect. Modern users no longer settle for apps that merely function; they expect […]

Web App Security: Best Practices Every Business Should Know

In today’s digital-first economy, businesses are only as strong as their web applications. From e-commerce platforms and online banking portals to healthcare systems and SaaS tools, web apps have become the backbone of modern operations. They power transactions, manage sensitive data, and connect organizations with their customers in real time. Simply put, web applications are […]

Dark Mode, Microinteractions, and Beyond: Modern UI/UX Features Explained

In today’s digital-first world, design is no longer just about making products look good—it’s about creating experiences that feel intuitive, engaging, and effortless. Whether it’s a mobile app, a website, or a custom enterprise solution, users expect design features that not only work but also delight. Two of the most talked-about trends in modern UI/UX […]

The Rise of FinOps: Why Every Cloud-First Company Needs It

When cloud computing first took off, it felt like a dream. Instead of buying expensive servers, setting them up in climate-controlled data centers, and hiring a team to babysit them, companies could simply swipe a credit card and spin up as much computing power as they needed instantly. It was liberating, flexible, and for many […]

Profile Picture

The WordPress team at Ropstam Solutions consists of highly skilled professionals specializing in WordPress development and customized digital solutions. With more than a decade of experience in this field, the team prides itself on delivering innovative and impactful content that showcases its dedication to excellence and advancement within the WordPress realm.

Ropstam WordPress Development Team

Related Posts

Court Makes History By Hosting Trial Hearing In Metaverse

Since the Covid pandemic imposed lockdowns across the globe, virtual meetings and online interviews have become increasingly frequent. As the governments imposed lockdowns, professionals switched to...

Grand Annual Dinner and 15th Anniversary Celebrations

On the auspicious occasion of Ropstam Solutions’ 15th anniversary, we recently organized an annual dinner event to celebrate this milestone. With a number of fun activities and announcements...
mobile friendly store

How To Make Your Online Store Mobile-Friendly

While casually using your phone on the couch, you check out an online store. You find a product you like, but the text is too small, the website is slow, and the layout is confusing. As a result,...
Meta Launches the Next Generation of Llama

Meta Launches the Next Generation of Llama

Mack Zuckerberg-owned Meta has launched the second iteration of the open-source version of its AI model named Llama. AI experts and enthusiasts can leverage this publicly accessible Large Language...

Why our clients
love us?

Our clients love us because we prioritize effective communication and are committed to delivering high-quality software solutions that meet the highest standards of excellence.

anton testimonial for ropstam solutions

“They met expectations with every aspect of design and development of the product, and we’ve seen an increase in downloads and monthly users.”

Anton Neugebauer, CEO, RealAdvice Agency
mike stanzyk testimonial for ropstam solutions

“Their dedication to their clients is really impressive.  Ropstam Solutions Inc. communicates effectively with the client to ensure customer satisfaction.”

Mike Stanzyk, CEO, Stanzyk LLC

“Ropstam was an excellent partner in bringing our vision to life! They managed to strike the right balance between aesthetics and functionality, ensuring that the end product was not only visually appealing but also practical and usable.”

Jackie Philbin, Director - Nutrition for Longevity

Supercharge your software development with our expert team – get in touch today!