Critical Vulnerability in Elementor Pro exploited recently and millions of websites which are designed using this plugin.
It has been reported that people are taking full advantage of the data due to this vulnerability found in famous page builder plugin in WordPress CMS (Content Management System).
The security vulnerability, with a severity rating of 8.8 out of 10, is available in the pro version of Elementor Plugin.
Jerome Bruandet;
Asecurity researcher with NinTechNe has discovered the vulnerability, later team elementor released patch for the flaw with version 3.11.7.
An authenticated attacker can leverage the vulnerability to create an administrator account by enabling registration and setting the default role to “administrator”, change the administrator email address or redirect all traffic to an external malicious website by changing among many other possibilities.
What to do to save from Critical Vulnerability in Elementor Pro?
Here are few things you should do;
- Update version to version 3.11.7
- examine your websites for indications of infectious activities.
- Reach out to elementor support
- Make sure to check these files too at backend of your website;
- wp-resortpack.zip
- wp-rate.php
- lll.zip
- Confirm that no url is directed to this link; away[dot]trackersline[dot]com
Additional suggestion: We know @Marketist, Professional WordPress experts who can take care of your website and save you from lot of trouble.
What is Elementor Pro?
Elementor is very popular plugin, known as page builder to create website pages with drag and drop on WordPress, it is being used in more than 2 million websites worldwide, which includes some famous websites too.
There are 2 version of elementor;
- Elementor (FREE) which is free to use with limited features
- Elementor PRO which is paid plugin with number of awesome features.
Are you using elementor in any of your website? Did you check your updates? If not, do it now!
Follow TechOnClick for more tech updates.
