all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Vulnerability in Essential Addons for Elementor Leads to Mass Infection

Add to bookmarks
May 18, 2023, 6:54 p.m. | Ben Martin

Sucuri Blog blog.sucuri.net

On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by PatchStack. The technical details of this vulnerability can be found on their recent blog post. Over one million websites use this plugin and the fallout from this has been absolutely massive, with over 6,000 detections by SiteCheck already so far and 1637 detections in publicWWW scan results.


Naturally, if you are a website owner using …

black hat tactics blog blog post critical escalation essential addons for elementor hacked websites infection malware may patch plugin popular privilege privilege escalation technical vulnerability website malware infections websites website security wordpress wordpress plugin wordpress plugins and themes wordpress security

Visit resource

More from blog.sucuri.net / Sucuri Blog

WordPress Vulnerability & Patch Roundup April 2024 1 day, 19 hours ago | blog.sucuri.net
april attacks automated awareness +33
What is a Zero-Day Vulnerability? 5 days, 18 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 1 week ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week, 5 days ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 2 weeks ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks, 5 days ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 3 weeks, 1 day ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 4 weeks ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Researcher

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Cyber Risk Analyst

@ American Heart Association | Dallas, TX, United States
View on infosec-jobs.com

Cybersecurity Engineer 2/3

@ Scaled Composites, LLC | Mojave, CA, US
View on infosec-jobs.com

Information Security Operations Manager

@ DP World | Charlotte, NC, United States
View on infosec-jobs.com

Sr Cyber Security Engineer I

@ Staples | Framingham, MA, United States
View on infosec-jobs.com

Security Engineer - Heartland (Remote)

@ GuidePoint Security LLC | Remote in the US
View on infosec-jobs.com
View more jobs