Threat actors are actively exploiting a high-severity flaw in the Elementor Pro WordPress plugin used by more than eleven million websites
WordPress security firm PatchStack warns of a high-severity vulnerability in the Elementor Pro WordPress plugin that is currently being exploited by threat actors in the wild.
Elementor Pro is a paid plugin that is currently installed on over 11 million websites, it allows users to easily create WordPress websites.
This vulnerability was reported on March 18 by security researcher Jerome Bruandet from NinTechNet.
The expert reported that the issue impacts Elementor Pro when it is installed on a site that has WooCommerce activated.
The issue impacts version v3.11.6 and all versions before it, allowing authenticated users, like shop customers or site members, to change the site’s settings and can potentially lead to a complete site takeover.
“Elementor Pro, a popular page builder plugin for WordPress, fixed a broken access control vulnerability affecting versions <=3.11.6 that could allow full site takeover.” reads the advisory published by Bruanded.
The flaw is broken access control on the plugin’s WooCommerce module (“elementor-pro/modules/woocommerce/module.php”), anyone can exploit the issue to change WordPress settings in the database. The flaw is exploited through a vulnerable AJAX action, “pro_woocommerce_update_page_option,” which is used by Elementor’s built-in editor.
The issue stems from improper input validation and a lack of capability check to restrict its access to a high privileged user only. […]
To read the original article:
https://securityaffairs.com/144290/hacking/elementor-pro-wordpress-plugin-critical-bug.html