all InfoSec news
PSA: Attackers Actively Exploiting Critical Vulnerability in Essential Addons for Elementor
Malware Analysis, News and Indicators - Latest topics malware.news
On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. This vulnerability was discovered and responsibly disclosed by security researcher Rafie Muhammed.
Over the past few days we’ve seen millions of probing attempts for the plugin’s readme.txt file, which are likely to be attackers probing for the …
access accounts attackers critical critical vulnerability essential addons for elementor exploiting may passwords patch plugin psa reset vulnerability wordpress wordpress plugin