On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by PatchStack. The technical details of this vulnerability can be found on their recent blog post. Over one million websites use this plugin and the fallout from this has been absolutely massive, with over 6,000 detections by SiteCheck already so far and 1637 detections in publicWWW scan results.
Naturally, if you are a website owner using this plugin and haven’t yet already, patch now!
Continue reading Vulnerability in Essential Addons for Elementor Leads to Mass Infection at .