Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!

Published 2023-04-03 on uucert.com (English edition)

Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress.

The flaw, described as a case of broken access control, affects versions 3.11.6 and earlier. It was fixed by the plugin maintainers in version 3.11.7, released on March 22, 2023.

"Improved code security enforcement in WooCommerce components," Elementor, the Tel Aviv-based company behind the plugin, said in its release notes. The premium plugin is estimated to be in use on over 12 million sites.

Successful exploitation of the high-severity flaw allows an authenticated attacker to take over a WordPress site that has WooCommerce enabled.

"This makes it possible for a malicious user to turn on the registration page (if disabled) and set the default user role to administrator so they can create an account that instantly has the administrator privileges," Patchstack said in an alert on March 30, 2023.

"After this, they are likely to either redirect the site to another malicious domain or upload a malicious plugin or backdoor to further exploit the site."

NinTechNet security researcher Jerome Bruandet is credited with discovering and reporting the vulnerability on March 18, 2023.

Patchstack further noted that the flaw is currently being abused in the wild from several IP addresses that attempt to upload arbitrary PHP and ZIP archive files.

Users of the Elementor Pro plugin are advised to update to 3.11.7 or to 3.12.0, the latest version, as soon as possible. Updating closes the hole but does not undo changes an attacker may already have made: since the described attack works by flipping the site's registration setting and default role, administrators should also confirm that open registration is off, that the default role is not administrator, and that no unexpected administrator accounts, plugins or uploaded PHP/ZIP files exist.

The advisory comes over a year after the Essential Addons for Elementor plugin was found to contain a critical vulnerability that could result in the execution of arbitrary code on affected websites.

Last week, WordPress pushed auto-updates to remediate another critical bug, in the WooCommerce Payments plugin, that allowed unauthenticated attackers to gain administrator access to vulnerable sites.
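The bug class behind the advisory, as an added illustration that is not Elementor Pro's code: a WordPress AJAX handler reachable by any logged-in user that writes whatever option name and value the caller supplies, next to a hardened version of the same handler. The action names, nonce name, option keys and validators (`example_*`) are assumptions made for the example; `users_can_register` and `default_role` are the real WordPress options that the advisory describes being flipped.

```php
<?php
// Illustrative example added here; NOT code from Elementor Pro.
// The example_* action names, option keys and validators are assumptions.

// --- Vulnerable pattern ---------------------------------------------------
// Every wp_ajax_* hook is reachable by any authenticated user. This handler
// trusts the caller for both the option name and its value, so a
// low-privileged account can POST option=users_can_register&value=1 and then
// option=default_role&value=administrator: the takeover chain the advisory
// describes, after which it simply registers a new (administrator) account.
function example_save_setting_vulnerable() {
    $option = sanitize_key( $_POST['option'] ?? '' );
    $value  = wp_unslash( $_POST['value'] ?? '' );

    update_option( $option, $value );   // no capability check, no allowlist
    wp_send_json_success();
}
add_action( 'wp_ajax_example_save_setting', 'example_save_setting_vulnerable' );

// --- Hardened pattern -----------------------------------------------------
// 1. CSRF nonce, 2. capability check, 3. allowlist of the options this
//    feature may touch, 4. per-option value validation.
const EXAMPLE_ALLOWED_OPTIONS = array(
    'example_shop_layout'   => 'example_validate_layout',
    'example_cart_redirect' => 'example_validate_bool',
);

// Returns the validated value or null when it is not acceptable.
function example_validate_layout( $v ) {
    return in_array( $v, array( 'grid', 'list' ), true ) ? $v : null;
}

function example_validate_bool( $v ) {
    return ( '1' === $v || '0' === $v ) ? $v : null;
}

function example_save_setting_hardened() {
    // Rejects the request (HTTP 403) when the nonce is missing or stale.
    check_ajax_referer( 'example_save_setting', 'nonce' );

    // Only users who may change site options get past this point.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $option = sanitize_key( $_POST['option'] ?? '' );
    if ( ! isset( EXAMPLE_ALLOWED_OPTIONS[ $option ] ) ) {
        // users_can_register, default_role, siteurl, ... are never reachable
        wp_send_json_error( 'unknown option', 400 );
    }

    $value = call_user_func(
        EXAMPLE_ALLOWED_OPTIONS[ $option ],
        wp_unslash( $_POST['value'] ?? '' )
    );
    if ( null === $value ) {
        wp_send_json_error( 'invalid value', 400 );
    }

    update_option( $option, $value );
    wp_send_json_success();
}
add_action( 'wp_ajax_example_save_setting_hardened', 'example_save_setting_hardened' );
```

The capability check alone would not be enough if the feature is meant to be usable by shop managers; the allowlist is what guarantees that even a legitimately authorised caller can only touch the options the feature owns. For a post-patch check on a site that ran a vulnerable version, `wp option get users_can_register` and `wp option get default_role` (WP-CLI) should return the values you intended rather than `1` and `administrator`, and `wp user list --role=administrator` should list only accounts you recognise.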