Critical RCE Vulnerability in Elementor WordPress Plugin | allinfosecnews.com

April 14, 2022, 2:16 a.m. | Antony Garand

Security Boulevard securityboulevard.com

Security Risk: High

Exploitation Level: Easy

CVSS Score: 9.9

Vulnerability: Remote code execution (RCE)

Patched Version: 3.6.3

On April 12th, an important security update was released for the Elementor plugin patching a critical remote code vulnerability which allows all authenticated users, including subscribers, to upload and execute arbitrary PHP code on a vulnerable website.

This vulnerability, identified as CVE-2022-1329, is extremely severe.

Continue reading Critical RCE Vulnerability in Elementor WordPress Plugin at Sucuri Blog.

The post Critical RCE Vulnerability in …

critical plugin rce security advisory vulnerabilities vulnerability vulnerability disclosure wordpress wordpress plugin wordpress security

More from securityboulevard.com / Security Boulevard

Miggo Unfurls Real-Time Application Detection and Response Platform 6 hours ago | securityboulevard.com

ai and machine learning in security and response api security application +21

From Caesar to Cyberspace: The Growing Menace of Obfuscated Phishing Scams 8 hours ago | securityboulevard.com

attackers caesar cto corner cyberattacks +17

HHS Strengthens Privacy of Reproductive Health Care Data 8 hours ago | securityboulevard.com

administration biden biden administration care +37

UnitedHealth: Ransomware Attackers Stole Huge Amount of Data 10 hours ago | securityboulevard.com

attackers breach care cloud security +32

Oak Ridge, McCrary Institute Establish Cybersecurity Center Focused on Electrical Grid 11 hours ago | securityboulevard.com

addition center centers critical +29

PuTTY SSH Client Vulnerability Allows Private Key Recovery 13 hours ago | securityboulevard.com

blog client critical critical vulnerability +15

5 Tips for API Hackers on Picking Your First Target 13 hours ago | securityboulevard.com

api api hacking fundamentals api hacking mindset apis +11

TuxCare Names Glen Kuhne as Vice President of Enterprise Sales 14 hours ago | securityboulevard.com

alto april customer customer success +22

AI: Friend or Foe? Unveiling the Current Landscape with MixMode’s State of AI in Cybersecurity … 15 hours ago | securityboulevard.com

ai ai cybersecurity artificial artificial intelligence +21

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Check Team Members / Cyber Consultants / Pen Testers

@ Resillion | Birmingham, United Kingdom

View on infosec-jobs.com

Security Officer Field Training Officer- Full Time (Harrah's LV)

@ Caesars Entertainment | Las Vegas, NV, United States

View on infosec-jobs.com

Cybersecurity Subject Matter Expert (SME)

@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States

View on infosec-jobs.com

AWS Security Engineer

@ IntelliPro Group Inc. | Palo Alto, CA

View on infosec-jobs.com

Information Security Analyst

@ Freudenberg Group | Alajuela

View on infosec-jobs.com