Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

WordPress plugin actively exploited

April 3, 2023
Reading Time: 2 mins read
in Alerts

 

A high-severity vulnerability in the Elementor Pro WordPress plugin is being actively exploited by threat actors, according to WordPress security firm PatchStack. The paid plugin is currently installed on over 11 million websites and is used to create WordPress sites.

The vulnerability was reported on March 18 by security researcher Jerome Bruandet from NinTechNet. The flaw impacts version v3.11.6 and all versions before it, allowing authenticated users to change the site’s settings and potentially lead to a complete site takeover when Elementor Pro is installed on a site that has WooCommerce activated.

The flaw is a broken access control on the plugin’s WooCommerce module, “elementor-pro/modules/woocommerce/module.php.”

Anyone can exploit the issue to change WordPress settings in the database. The flaw is exploited through a vulnerable AJAX action, “pro_woocommerce_update_page_option,” which is used by Elementor’s built-in editor. The issue stems from improper input validation and a lack of capability check to restrict its access to a high privileged user only.

PatchStack researchers are observing attacks from multiple IP addresses, with most of them coming from IP addresses 193.169.194.63, 193.169.195.64, and 194.135.30.6. The researchers also reported that the attackers are changing site URLs to away[dot]trackersline[dot]com. The experts are also seeing files being uploaded with the following file names: wp-resortpack.zip, wp-rate.php, and lll.zip.

The researchers urge administrators of WordPress sites using Elementor Pro to upgrade to version 3.11.7 or later immediately. It is important for website administrators to take swift action to update their plugins to protect their sites from attacks that exploit vulnerabilities such as the one identified in the Elementor Pro WordPress plugin.

Failure to take these actions can lead to the takeover of the website, the modification of site content, and the theft of sensitive information.

 

Reference:
  • High severity vulnerability fixed in WordPress Elementor Pro plugin

Tags: April 2023Cyber AlertCyber Alerts 2023Cyber AttacksVulnerabilitiesWordpress
ADVERTISEMENT

Related Posts

GhostSpy Android Malware Full Device Control

FBI Warns Luna Moth Targets US Law Firms

May 27, 2025
GhostSpy Android Malware Full Device Control

Winos 4.0 Malware Spread Via Fake Installers

May 27, 2025
GhostSpy Android Malware Full Device Control

GhostSpy Android Malware Full Device Control

May 27, 2025
D-Link Routers Exposed by Weak Credentials

D-Link Routers Exposed by Weak Credentials

May 26, 2025
D-Link Routers Exposed by Weak Credentials

TA-ShadowCricke Unmasked via Backdoors

May 26, 2025
D-Link Routers Exposed by Weak Credentials

Killnet Resurfaces with New Identity

May 26, 2025

Latest Alerts

FBI Warns Luna Moth Targets US Law Firms

Winos 4.0 Malware Spread Via Fake Installers

GhostSpy Android Malware Full Device Control

D-Link Routers Exposed by Weak Credentials

TA-ShadowCricke Unmasked via Backdoors

Killnet Resurfaces with New Identity

Subscribe to our newsletter

    Latest Incidents

    Everest Ransomware Leaks Coke Staff Data

    Adidas Data Breach Exposes Customer Contacts

    Semiconductor Firm AXT Hit by Data Breach

    Hackers Steal $700K from Philly School District Accounts

    Chinese hackers hit US utilities via flaw

    Naukri Fixes Bug That Exposed Recruiter Email Addresses

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial