
      Hackers exploit WordPress plugin flaw that gives full control of millions of sites

      news.movim.eu / ArsTechnica · Friday, 31 March, 2023 - 22:40

    (Image credit: Getty Images)

    Hackers are actively exploiting a critical vulnerability in a widely used WordPress plugin that gives them the ability to take complete control of millions of sites, researchers said.

    The vulnerability, which carries a severity rating of 8.8 out of a possible 10, is present in Elementor Pro, a premium plugin running on more than 12 million sites powered by the WordPress content management system. Elementor Pro allows users to create high-quality websites using a wide range of tools, one of which is WooCommerce, a separate WordPress plugin. When both plugins are in use on a site, anyone with an account on that site—say a subscriber or customer—can create new accounts that have full administrator privileges.
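    The two checks a site operator would want after reading the paragraph above are whether the installed Elementor Pro is older than the fixed 3.11.7 and whether any administrator account exists that the operator did not create. This added example (not Elementor's, WordPress's or the researcher's code) implements both over a constructed user export; the export format and the `site-owner` allowlist are assumptions.

```python
"""Audit helper for the Elementor Pro privilege-escalation issue described above.

Constructed example. Inputs are what an admin can export from a site (for
instance via WP-CLI or a database query): the installed plugin version and a
user list with roles and registration timestamps. The field names used here
are an assumption, not a WordPress export format.
"""
from datetime import datetime

PATCHED_VERSION = "3.11.7"  # version the article names as fixing the flaw


def parse_version(v):
    # "3.11.7" -> (3, 11, 7); drops a trailing tag such as "3.11.7-beta"
    core = v.split("-")[0]
    return tuple(int(p) for p in core.split("."))


def is_vulnerable_version(installed, patched=PATCHED_VERSION):
    # Numeric tuple comparison, so "3.9.10" is correctly older than "3.11.7"
    return parse_version(installed) < parse_version(patched)


def unexpected_admins(users, allowlist, since=None):
    """Return administrator logins not in the allowlist (optionally only those registered after `since`)."""
    found = []
    for u in users:
        if "administrator" not in u["roles"] or u["login"] in allowlist:
            continue
        registered = datetime.fromisoformat(u["registered"])
        if since is None or registered >= since:
            found.append(u["login"])
    return found


# Constructed sample data: one legitimate admin, one customer, one admin nobody created on purpose
SAMPLE_USERS = [
    {"login": "site-owner", "roles": ["administrator"], "registered": "2021-05-02T10:00:00"},
    {"login": "customer42", "roles": ["customer"], "registered": "2023-03-20T08:15:00"},
    {"login": "wp-support", "roles": ["administrator"], "registered": "2023-03-29T03:41:00"},
]


def audit(installed_version, users, allowlist):
    """Summarise both findings so they can be acted on together."""
    return {
        "needs_update": is_vulnerable_version(installed_version),
        "unexpected_admins": unexpected_admins(users, allowlist),
    }


if __name__ == "__main__":
    print(audit("3.11.6", SAMPLE_USERS, {"site-owner"}))
```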

    The vulnerability was discovered by Jerome Bruandet, a researcher with security firm NinTechNet. Last week, Elementor, the developer of the Elementor Pro plugin, released version 3.11.7, which patched the flaw. In a post published on Tuesday, Bruandet wrote:


      Hackers exploit critical vulnerability found in ~100,000 WordPress sites

      Dan Goodin · news.movim.eu / ArsTechnica · Tuesday, 18 February, 2020 - 20:08

    (Image of ones and zeros; credit: Pixy)

    Hackers are actively exploiting a critical WordPress plugin vulnerability that allows them to completely wipe all website databases and, in some cases, seize complete control of affected sites.

    The flaw is in the ThemeGrill Demo Importer installed on some 100,000 sites, and it was disclosed over the weekend by website security company WebARX. By Tuesday, WebARX reported that the flaw was under active exploit, with almost 17,000 attacks blocked so far. Hanno Böck, a journalist who works for Golem.de, had spotted active attacks several hours earlier and reported them on Twitter.

    "There's currently a severe vuln in a wordpress plugin called 'themegrill demo importer' that resets the whole database," Böck wrote. "https://webarxsecurity.com/critical-issue-in-themegrill-demo-importer/ It seems attacks are starting: Some of the affected webpages show a wordpress 'hello world'-post. /cc If you use this plugin and your webpage hasn't been deleted yet consider yourself lucky. And remove the plugin. (Yes, remove it, don't just update.)"
