WordPress Pugin Vulnerability Puts Millions Of Websites At Risk

2575 Views

Elementor Pro is a famous plugin which is running on more than 11 million WordPress sites at the moment. This plugin allows developers to create exquisite websites, enabling a handful of features. In a shocking revelation, it has been discovered that there is an extremely critical vulnerability in Elementor Pro which allows perpetrators to gain complete control of any WordPress site using this extension.

As per the sources, this vulnerability was first discovered by a NinTechNet researcher named Jerome Bruandet. Meanwhile, other researchers have also highlighted the fact that this vulnerability is currently under exploitation from attackers with compromised files uploaded to several websites.

About the issue itself, the said vulnerability is the result of a broken access control on the WooCommerce plugin module. This vulnerability allows unauthorized users to modify the WordPress database with serious consequences. Bruandet revealed in his blog that this flaw allows any authenticated or unauthorized person to leverage the vulnerability and create an administrator account to elevate privileges. In order for this vulnerability to be exploited, a combination of Elementor Pro and and WooCommerce plugins must be installed on the WordPress site.

Acknowledging the presence of this lethal vulnerability, the developer of Elementor acted swiftly and released a patch in the version 3.11.7 to counter the threat. But the problem is far from over.

Not all users and developers have upgraded their WordPress sites and any website using an Elementor version 3.11.6 or lower has a potentially dangerous flaw that can be exploited by hackers with catastrophic outcomes.

Recent Posts

Redux Thunk vs Redux Saga: Which One Fits Your App?

Introduction: In the fast-evolving world of frontend development, managing asynchronous operations in React applications can be a real headache. Whether it’s handling API requests, managing loading states, or dealing with complex user flows, state management libraries like Redux often need a helping hand. That’s where Redux middleware comes in — and two of the most […]

State Management Strategies in MERN Stack Applications

Introduction  In modern web development, especially within complex full-stack applications like those built using the MERN stack (MongoDB, Express.js, React, and Node.js), state management is a pivotal concern. As applications scale, the need to efficiently handle and synchronize data across components, services, and user sessions becomes increasingly essential. From handling local component states in React […]

React Native for Design Systems

In the modern era of cross-platform mobile development, React Native stands as a leading framework that allows teams to build applications using a single codebase for both Android and iOS. As apps grow larger and design becomes more integral to the user experience, the demand for design consistency and scalability intensifies. This is where design […]

WordPress Content Management: Organizing Your Website for Success

WordPress is an extraordinarily flexible platform, supporting everything from simple blogs to enterprise-grade e-commerce sites. Yet this flexibility demands careful planning: as your site grows, its content can quickly become unwieldy. Well-organized content ensures search engines index your pages effectively, users find what they need intuitively, and your internal processes stay streamlined. Effective content management […]

Profile Picture

The WordPress team at Ropstam Solutions consists of highly skilled professionals specializing in WordPress development and customized digital solutions. With more than a decade of experience in this field, the team prides itself on delivering innovative and impactful content that showcases its dedication to excellence and advancement within the WordPress realm.

Ropstam WordPress Development Team

Related Posts

Microsoft New Features For Copilot Studio

Microsoft Announces New Features For Copilot Studio

With the ambition of furthering the utilization of Artificial Intelligence (AI), Microsoft is set to introduce a host of new features for its Office Suite, including but not limited to Word and...
Google Introduces New Library

Google Introduces New Library For JPEG Coding

In the ever-evolving digital landscape, where visuals play a pivotal role in capturing and retaining user attention, the importance of efficient image compression cannot be overstated. As a visual...
database management system guide

DBMS – Comprehensive Guide to Database Management System

In today's data-driven world, effective data management is crucial for businesses and organizations of all sizes. This is where Database Management Systems (DBMS) come into play. In this...
OpenAI Introduces New Tool For Accountability

OpenAI Introduces New Tool For Accountability

OpenAI has recently unveiled an innovative tool known as the Transformer Debugger (TDB), a development that stands to reshape our approach to understanding transformer models in artificial...

Why our clients
love us?

Our clients love us because we prioritize effective communication and are committed to delivering high-quality software solutions that meet the highest standards of excellence.

anton testimonial for ropstam solutions

“They met expectations with every aspect of design and development of the product, and we’ve seen an increase in downloads and monthly users.”

Anton Neugebauer, CEO, RealAdvice Agency
mike stanzyk testimonial for ropstam solutions

“Their dedication to their clients is really impressive.  Ropstam Solutions Inc. communicates effectively with the client to ensure customer satisfaction.”

Mike Stanzyk, CEO, Stanzyk LLC

“Ropstam was an excellent partner in bringing our vision to life! They managed to strike the right balance between aesthetics and functionality, ensuring that the end product was not only visually appealing but also practical and usable.”

Jackie Philbin, Director - Nutrition for Longevity

Supercharge your software development with our expert team – get in touch today!