【Watch Chrysalis Online】
If your website is Watch Chrysalis Onlinepowered by the WordPress page-builder Elementor, double-check if you're using this popular plugin. Because, if you are, hackers can easily stage a complete takeover of your website thanks to a newly discovered security flaw.
Security researchers at Patchstack have released a new reportabout a concerning cybersecurity issue related to the WordPress plugin Essential Addons for Elementor. The plugin provides users with an assortment of pre-built WordPress blocks and templates for use when creating or updating their website.
"This plugin suffers from an unauthenticated privilege escalation vulnerability and allows any unauthenticated user to escalate their privilege to that of any user on the WordPress site," writes Patchstack in its report.
You May Also Like
SEE ALSO: This Google AI keynote could have been a Gmail
Basically, malicious actors can take advantage of this to reset the password of any user, including the administrator's account. If that latter account's password is reset, a hacker could basically have access to the entire website – backend and all – and take control of the site from its rightful owner. If a targeted website stores user information, this bad actor would have access to and control of that as well.
"This vulnerability occurs because this password reset function does not validate a password reset key and instead directly changes the password of the given user," explains Patchstack.
Update the plugin as soon as possible
The plugin vulnerability has since been patched and Essential Addons for Elementor users are being urged to update to version 5.7.2. All versions of the plugin prior, going back to version 5.4.0, are affected by the vulnerability. So, be sure to update the plugin!
More than 43 percentof all of the websites on the internet use WordPress. Elementor is a popular website builder for WordPress-powered sites. More than 12 millionWordPress-sites utilize Elementor. According to the WordPress Plugin Directory, more than 1 millionactive websites have the Essential Addons for Elementor installed.
Topics Cybersecurity
Search
Categories
Latest Posts
5 Ways to Access a Locked Windows Account
2025-06-26 05:15Trekkies can now wake up their Amazon Echo by saying 'computer'
2025-06-26 03:56Your 'wrong person' texts may be linked to Myanmar warlord
2025-06-26 03:05Popular Posts
Waymo data shows humans are terrible drivers compared to AI
2025-06-26 05:18'Alternative facts' push '1984' to Amazon bestseller list
2025-06-26 04:02YouTube is removing North Korean content and no one knows why
2025-06-26 02:51Today's Hurdle hints and answers for May 5, 2025
2025-06-26 02:45Featured Posts
Astronomers saw one galaxy impale another. The damage was an eye
2025-06-26 04:24New MIT report reveals energy costs of AI tools like ChatGPT
2025-06-26 03:09Popular Articles
The Mismeasure of Media
2025-06-26 04:53This is what a computer thinks rum should taste like
2025-06-26 04:52The spooky connection between these 2 late MLB players
2025-06-26 04:21Best Apple deal: Save $19 on AirTag 4
2025-06-26 03:07Newsletter
Subscribe to our newsletter for the latest updates.
Comments (77754)
Sky Information Network
Outdoor speaker deal: Save $20 on the Soundcore Boom 2
2025-06-26 05:24Pioneer Information Network
Top model 'excited' to come out as intersex advocate 'breaking the taboo'
2025-06-26 05:10Highlight Information Network
The one photo that shows exactly why women are fighting Trump
2025-06-26 04:12Exploration Information Network
Snapchat is making a big move in this European country
2025-06-26 03:04Highlight Information Network
Best IPL deal: Save $80 on Braun IPL Silk·Expert
2025-06-26 02:42