Security News > 2021 > March > Vulnerability That Allows Complete WordPress Site Takeover Exploited in the Wild
A critical vulnerability identified in The Plus Addons for Elementor WordPress plugin could be exploited to gain administrative privileges to a website.
With more than 30,000 installations to date, The Plus Addons for Elementor is a premium plugin that has been designed to add several widgets to be used with the popular WordPress website builder Elementor.
All users of The Plus Addons for Elementor plugin are advised to deactivate and remove the plugin until a fix has been delivered for this zero-day.
The researchers also note that the free version of the plugin, namely The Plus Addons for Elementor Lite, is not affected by the same vulnerability.
"It should be noted that this vulnerability can still be exploited even if you do not have an active login or registration page that was created with the plugin. This means that any site running this plugin is vulnerable to compromise," Wordfence says.
"We believe that attackers are adding user accounts with usernames as the registered email address based on how the vulnerability creates user accounts, and in some cases installing a malicious plugin labeled wpstaff. We strongly recommend checking your site for any unexpected administrative users or plugins you did not install," Wordfence concludes.
News URL
Related news
- GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover (source)
- GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk (source)
- Litespeed Cache bug exposes millions of WordPress sites to takeover attacks (source)
- LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks (source)