New vulnerability in a WordPress plugin: Elementor Page Builder. The flaw allows a remote attacker to escalate privileges on the system, and a proof of concept is available. Update it to the latest version!
New vulnerability in a WordPress plugin: this time it affects Elementor Page Builder. According to CyberSecurity Help, the flaw allows a remote attacker to escalate privileges on the system. It exists due to improper authentication checks in the “handle_ajax_request” and “enable_safe_mode” functions. A remote authenticated attacker can enable the Safe Mode feature and disable security plugins installed on the website, such as firewall, antispam, two-factor authentication or captcha plugins. At the moment, there is no news of malware exploiting the bug. However, a proof of concept for this vulnerability is available and the plugin has been installed over 3 million times. The best way to mitigate the threat is to install updates from the vendor’s website. The vulnerability affects versions up to 2.9.5; the latest version is now 2.9.7.
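To find the sites that still need the update, the following added example (not code from the article or from Elementor) scans a directory tree for copies of the plugin and flags any version at or below 2.9.5. It assumes the plugin's main file lives at `wp-content/plugins/elementor/elementor.php` and carries the standard WordPress `Version:` header; the function names are hypothetical.

```python
import re
import sys
from pathlib import Path

LAST_AFFECTED = (2, 9, 5)  # per the article: versions up to 2.9.5 are affected
# Assumed location of the plugin's main file inside a WordPress install.
MAIN_FILE = "wp-content/plugins/elementor/elementor.php"

# Constructed sample plugin header, used only for the offline check below.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: Elementor
 * Version: 2.9.5
 */
"""

_VERSION_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)", re.M | re.I)

def header_version(php_source):
    """Return the 'Version:' value of a WordPress plugin header, or None."""
    match = _VERSION_RE.search(php_source[:8192])  # headers sit at the top of the file
    return match.group(1) if match else None

def version_tuple(version):
    """'2.9.7' -> (2, 9, 7); suffixes such as '-beta1' are ignored."""
    parts = [int(m.group()) if (m := re.match(r"\d+", p)) else 0
             for p in version.split(".")[:3]]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(version):
    """True when the version falls in the range the article reports as vulnerable."""
    return version_tuple(version) <= LAST_AFFECTED

def scan(root):
    """Yield (path, version, needs_update) for each Elementor copy under root."""
    for path in sorted(Path(root).rglob(MAIN_FILE)):
        version = header_version(path.read_text(encoding="utf-8", errors="ignore"))
        # An unreadable version is reported as needing attention, not as safe.
        yield str(path), version, version is None or is_affected(version)

if __name__ == "__main__":
    assert is_affected(header_version(SAMPLE_HEADER))
    for path, version, needs_update in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{'UPDATE' if needs_update else 'ok':6} {version or 'unknown':10} {path}")
```

Run it with the directory that holds your web roots as the only argument; every line marked `UPDATE` is an install to patch.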