all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

High Severity Vulnerability in WordPress Elementor Pro Patched

Add to bookmarks
March 31, 2023, 3:48 p.m. | Ben Martin

Sucuri Blog blog.sucuri.net

On March 22nd, 2023 a security patch was issued for the popular website builder plugin Elementor Pro. Website administrators using this plugin should immediately patch to at least version 3.11.7 to avoid a potential website compromise.


The security issue is reported to affect only the Pro version of the plugin and not the free version hosted at wordpress.org.


Vulnerability details


The vulnerability allows authenticated users to arbitrarily change wp_options values within the database via the AJAX action of Elementor Pro …

action administrators builder change compromise database elementor pro free high issue march org patch plugin popular pro security security patch severity version vulnerability vulnerability disclosure website website compromise website security woocommerce wordpress wordpress plugins and themes wordpress security working

Visit resource

More from blog.sucuri.net / Sucuri Blog

What is a Zero-Day Vulnerability? 1 day, 5 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 3 days, 6 hours ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week, 1 day ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 1 week, 3 days ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks, 1 day ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 2 weeks, 4 days ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 3 weeks, 3 days ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise 1 month ago | blog.sucuri.net
analysis campaign clear client +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Consultant

@ Auckland Council | Central Auckland, NZ, 1010
View on infosec-jobs.com

Security Engineer, Threat Detection

@ Stripe | Remote, US
View on infosec-jobs.com

DevSecOps Engineer (Remote in Europe)

@ CloudTalk | Prague, Prague, Czechia - Remote
View on infosec-jobs.com

Security Architect

@ Valeo Foods | Dublin, Ireland
View on infosec-jobs.com

Security Specialist - IoT & OT

@ Wallbox | Barcelona, Catalonia, Spain
View on infosec-jobs.com
View more jobs