PSA: Attackers Actively Exploiting Critical Vulnerability in Essential Addons for Elementor

On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. This vulnerability was discovered and responsibly disclosed by security researcher Rafie Muhammed. ...
Read More

The post PSA: Attackers Actively Exploiting Critical Vulnerability in Essential Addons for Elementor appeared first on Wordfence.

access accounts attackers critical critical vulnerability essential addons for elementor exploiting may passwords patch plugin psa research reset vulnerabilities vulnerability wordpress wordpress plugin wordpress security