Hackers attack WordPress via unpatched Elementor Pro plugin

WordPress administrators using the Elementor Pro plugin should urgently check if it is up to date and if WordPress has already been compromised (e.g. check urlscan.io to see what connections are going down). On March 18, 2023, NinTechNet security researcher Jerome Bruandet had discovered a vulnerability that can be exploited if the plugin is installed together with WooCommerce. Hackers are now actively exploiting the highly dangerous vulnerability in WordPress plugin Elementor Pro. The plugin for creating WordPress pages is used by over eleven million websites. Details have been summarized by the colleagues from Bleeping Computer here (thanks to the reader's tip).


Cookies helps to fund this blog: Cookie settings

This entry was posted in Security, Software and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *