all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Severe Security Flaw Exposes Over a Million WordPress Sites to Hijack

Add to bookmarks
May 12, 2023, 5:43 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited to achieve elevated privileges on affected sites.
The issue, tracked as CVE-2023-32243, has been addressed by the plugin maintainers in version 5.7.2 that was shipped on May 11, 2023. Essential Addons for Elementor has over one million active

cve essential addons for elementor exploited flaw hijack issue maintainers may plugin popular privileges security security vulnerability version vulnerability wordpress wordpress plugin

Visit resource

More from thehackernews.com / The Hacker News

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT 10 hours ago | thehackernews.com
actor ads anydesk asana +20
North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms 1 day, 3 hours ago | thehackernews.com
actor attacks backdoor commands +20
CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar) 1 day, 5 hours ago | thehackernews.com
advanced ai-powered ai tools artificial +19
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability 1 day, 7 hours ago | thehackernews.com
actively exploited address alert anonymous +25
What's the Right EDR for You? 1 day, 7 hours ago | thehackernews.com
and response antivirus business businesses +18
Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing 1 day, 7 hours ago | thehackernews.com
android android app android apps app +20
Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models 1 day, 10 hours ago | thehackernews.com
access ai models attack cloud +24
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation 1 day, 23 hours ago | thehackernews.com
attack bypass cve cve-2024 +25
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign 2 days, 2 hours ago | thehackernews.com
actor apt28 called campaign +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Network Security Tools Engineer / Systems Engineer

@ Node.Digital | Arlington, Virginia, United States
View on infosec-jobs.com

Scrum Master II - Global Information Security PMO

@ Marriott International | Bethesda, MD, United States
View on infosec-jobs.com

Principle Security Incident Response Analyst

@ Oracle | United States
View on infosec-jobs.com

Cyber Network Engineer

@ Peraton | Aberdeen Proving Ground, MD, United States
View on infosec-jobs.com

Red Team Operator: Assessments & Exercises Vice President

@ JPMorgan Chase & Co. | Columbus, OH, United States
View on infosec-jobs.com

Cybersecurity Undergraduate - Internship

@ esure Group | Reigate, United Kingdom
View on infosec-jobs.com
View more jobs