WordPress, a popular Content Management System (CMS) was compromised last week from a vulnerability through one of their premium plugins called Elementor Pro. WordPress is utilized by:
- 810 million websites in 2023
- 500 sites are built with WordPress
- Represents 65.2% of all websites in 2022
A NinTechNet researcher discovered the vulnerability Tuesday and the developers of Elementor Pro plugin were able to release version 3.11.7 to patch the flaw.
What is a CMS?
Content Management System can help build a website where you can create, edit, organize, and publish content. CMS is great for those who do not want the hassle of building a website from scratch, and includes already made templates.
What does this vulnerability mean for my company?
Companies that utilize the Elementor Pro plugin also use the WooCommerce plugin simultaneously to create online e-commerce shops. Anyone with account access can create new accounts that have full administrator privileges. An authenticated attacker can leverage this access with the vulnerability to:
- Create an administrator account by enabling registration
- Setting the default role to “administrator”
- Change the administrator email address (
- Redirect all traffic to an external malicious website
What to lookout for
Be aware of unknown IP address, or names ending in a .zip or .php. According to the security firm Patchwork, hackers are actively exploiting this vulnerability from various IP addresses that include:
- 193.169.194.63
- 193.169.195.64
- 194.135.30.6
Anyone utilizing Elementor Pro should run the latest version. Anything older will still be vulnerable. For more information on how we can protect you, give us a call today and one of our experts will guide you through this process. Love our content? Follow us on social to stay up to date on the latest in tech news.
