Security News > 2023 > October > Hackers exploit critical flaw in WordPress Royal Elementor plugin
A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.
Two WordPress security firms, Wordfence and WPScan, have marked CVE-2023-5360 as actively exploited since August 30, 2023, with the attack volume ramping up starting on October 3, 2023.
Wordfence reports having blocked over 46,000 attacks targeting Royal Elementor in the past month, while WPScan has recorded 889 cases of attackers dropping ten distinct payloads after leveraging the flaw.
Most payloads used in these attacks are PHP scripts that attempt to create a WordPress administrator user named 'wordpress administrator' or act as a backdoor.
WordPress says the majority of the attacks originate from just two IP addresses, so the exploit may be known only to a handful of threat actors.
The vendor of the add-on was contacted with full details on October 3 and released Royal Elementor Addons and Templates version 1.3.79 on October 6, 2023, to fix the flaw.
News URL
Related news
- Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- Hackers exploit authentication bypass in Palo Alto Networks PAN-OS (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-5360 | Unrestricted Upload of File with Dangerous Type vulnerability in Royal-Elementor-Addons Royal Elementor Addons The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE. | 9.8 |