
Hackers target vulnerable WordPress Elementor plugin after PoC released
2023-05-18 16:36

Hackers are now actively probing for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in massive Internet scans, attempting to exploit a critical account password reset flaw disclosed earlier in the month.

The critical-severity flaw is tracked as CVE-2023-32243 and impacts Essential Addons for Elementor versions 5.4.0 to 5.7.1, allowing unauthenticated attackers to arbitrarily reset the passwords of administrator accounts and assume control of the websites.

At the time, a BleepingComputer reader and website owner reported that their site was hit by hackers who reset the admin password by leveraging the flaw.

A Wordfence report published yesterday sheds more light: the company says it has observed millions of probes checking websites for the presence of the plugin and has blocked at least 6,900 exploitation attempts.

Txt' file, which contains the plugin's version information, and hence determines if a site is vulnerable.

Website owners using the 'Essential Addons for Elementor' plugin are advised to apply the available security update by installing version 5.7.2 or later immediately.
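As an added example (not code from the article or from the plugin's vendor), a small check a site owner can run against their own installation: it reads the version from the plugin's main-file header or its readme and compares it numerically against the affected range 5.4.0 through 5.7.1 and the fixed release 5.7.2 stated above. The sample header and readme text are constructed for illustration.

```python
import re

# Affected range and fixed release as stated in the advisory above.
AFFECTED_MIN = (5, 4, 0)
AFFECTED_MAX = (5, 7, 1)
FIXED = (5, 7, 2)

def parse_version(text):
    """Turn '5.7.1' into (5, 7, 1) so comparison is numeric.
    Comparing strings would rank '5.10.0' below '5.7.1'."""
    parts = [int(p) for p in re.findall(r"\d+", text)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(version):
    """True when the version lies inside the vulnerable range (inclusive)."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX

def version_from_plugin_header(text):
    """Read the 'Version:' line of a WordPress plugin header comment."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\d[\d.]*)", text, re.M)
    return m.group(1) if m else None

def version_from_readme(text):
    """Read 'Stable tag:' from a plugin readme.txt.
    A non-numeric tag such as 'trunk' yields None rather than a guess."""
    m = re.search(r"^Stable tag:\s*(\d[\d.]*)", text, re.M)
    return m.group(1) if m else None

def assess(version):
    """Plain verdict for a detected version string (None = undetermined)."""
    if version is None:
        return "unknown"
    if is_affected(version):
        return "affected, update to %d.%d.%d or later" % FIXED
    return "not in affected range"

# Constructed samples (not real plugin content).
SAMPLE_HEADER = "<?php\n/**\n * Plugin Name: Essential Addons for Elementor\n * Version: 5.7.1\n */\n"
SAMPLE_README = "=== Essential Addons for Elementor ===\nStable tag: 5.7.2\n"

if __name__ == "__main__":
    print("header:", assess(version_from_plugin_header(SAMPLE_HEADER)))
    print("readme:", assess(version_from_readme(SAMPLE_README)))
```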


News URL

https://www.bleepingcomputer.com/news/security/hackers-target-vulnerable-wordpress-elementor-plugin-after-poc-released/

Related Vulnerability

Date: 2023-05-12
CVE: CVE-2023-32243
Title: Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor
Description: Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.
Attack vector: network, low complexity
Vendor: wpdeveloper
Weakness: CWE-287
Risk: critical (9.8)

Related vendor

VENDOR      LAST 12M #/PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Wordpress                    7     2       93     44         18           157
Elementor                    3     0       24      5          3            32
Plugin                       2     0       13      1          0            14