WordPress Elementor Lite 5.7.1 Arbitrary Password Reset | allinfosecnews.com

May 18, 2023, 1:55 p.m. |

Packet Storm packetstormsecurity.com

On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. Versions 5.7.1 and below are affected.

access accounts critical critical vulnerability essential addons for elementor may password password reset passwords patch plugin reset vulnerability wordpress wordpress plugin

More from packetstormsecurity.com / Packet Storm

Ubuntu Security Notice USN-6770-1 16 hours ago | packetstormsecurity.com

apache discovery fixes handling +13

Ubuntu Security Notice USN-6769-1 16 hours ago | packetstormsecurity.com

attacker configuration default denial of service +15

Red Hat Security Advisory 2024-2799-03 16 hours ago | packetstormsecurity.com

advisory buffer buffer overflow code +11

Red Hat Security Advisory 2024-2793-03 16 hours ago | packetstormsecurity.com

advisory denial of service enterprise linux +7

Red Hat Security Advisory 2024-2705-03 16 hours ago | packetstormsecurity.com

advisory build quarkus red hat +3

Red Hat Security Advisory 2024-2672-03 16 hours ago | packetstormsecurity.com

advisory bugs code code execution +15

Red Hat Security Advisory 2024-2671-03 16 hours ago | packetstormsecurity.com

advisory bugs build denial of service +10

Red Hat Security Advisory 2024-2669-03 16 hours ago | packetstormsecurity.com

advisory bugs code code execution +13

Red Hat Security Advisory 2024-2668-03 16 hours ago | packetstormsecurity.com

advisory bugs container denial of service +13

Principal Security Research Manager

@ Microsoft | Redmond, Washington, United States

View on infosec-jobs.com

SOC Manager

@ Inbox Business Technologies | Islamabad, Islamabad Capital Territory, Pakistan

View on infosec-jobs.com

Cybersecurity Incident Response Program Manager (Hybrid)

@ UMB Bank | MO - Kansas City - 1010 Grand Blvd

View on infosec-jobs.com

Consultant, Cyber Risk Advisory | Remote US

@ Coalfire | United States

View on infosec-jobs.com

Cybersecurity Bid Manager

@ Alstom | Derby, GB

View on infosec-jobs.com

Cyberspace Analyst

@ Peraton | Fort Meade, MD, United States

View on infosec-jobs.com