Cybersecurity researcher Jerome Bruandet from NinTechNet said he discovered a flaw in Elementor Pro that allows an authenticated attacker to create an administrator account. That gives the attackers a range of possibilities, including one that’s being actively used – to redirect all traffic to an external malicious website.
ArsTechnica reports that the traffic from compromised websites is being redirected to away[dot]trackersline[dot]com.
Critical vulnerability
WordPress security experts PatchStack also found some threat actors uploading malicious files to vulnerable websites, including wp-resortpack.zip, wp-rate.php, and lll.zip.
The vulnerability has been rated 8.8/10, earning the status “critical”. Users are advised to update Elementor Pro to 3.11.7, or later, as all older versions are vulnerable to the flaw.
This is not the first time a high-severity flaw has been discovered in Elementor. In April last year, cybersecurity researchers from Wordfence found a flaw that allowed any authenticated user to upload arbitrary PHP code. Back then, the plug-in was in version 3.6.0, which introduced a new Onboarding module. The goal of the module was to simplify the plug-in’s initial setup, but it came with an “unusual” method to register AJAX actions, with no capability checks.
Consequently, any logged-in user could use any of the onboarding functions. That being said, an attacker could, for example, create a malicious “Elementor Pro” plugin zip, and use the onboarding functions to install it. The site would then execute any code present in the plugin, including code designed to take over the site, or access additional resources on the server. The functions could also be used to completely deface the site, researchers were saying at the time.
Today, Elementor Pro is used by more than 12 million websites, ArsTechnica concludes.
- These are the best blogging sites right now
Via: ArsTechnica
SAMSUNG 34-Inch SJ55W Ultrawide Gaming Monitor (LS34J550WQNXZA) – 75Hz Refresh, WQHD Computer Monitor, 3440 x 1440p Resolution, 4ms Response, FreeSync, Split Screen, HDMI, Black
Tech Rookies is dedicated to helping entry-level IT professionals.
Follow us on Facebook, Twitter, and, Instagram We are growing. Join the Tech Rookies Nation and us!
At TechRookies.com will strive to find you the best deals!
Want more articles click Here!
Check out our Partner Best Buy for great deals
M1 Finance is a highly recommended brokerage start investing today here!
WeBull. LIMITED TIME OFFER: Get 3 free stocks valued up to $6300 by opening & funding a #Webull brokerage account! “>Get started >Thanks for visiting!
Tech Rookies Music Here!
Disclaimer: I get commissions for purchases made through links in this post at no charge to you and thanks for supporting Tech Rookies.
Disclosure: Links contain affiliates. When you buy through one of our links we will receive a commission. This is at no cost to you. Thank you for supporting Techrookies.com