Protect against Log4J without patching
Learn More
 
Protect against Log4J without patching
Learn More

news-highlightsTens of Thousands of Websites Vulnerable to RCE Flaw in WP Plug-in

Tens of Thousands of Websites Vulnerable to RCE Flaw in WordPress Plug-in

News Highlights

February 3, 2022

Tens of Thousands of Websites Vulnerable to RCE Flaw in WordPress Plug-in


Dark Reading covered a recent RCE flaw found in a WordPress Plug-in. Potentially tens — and even hundreds — of thousands of websites powered by WordPress are vulnerable to attack via a remote code execution (RCE) bug in a widely used plug-in called Essential Addons for Elementor.

The plug-in has over 1 million installations worldwide and is designed to let website owners add a variety of customizations to pages that were built using the Elementor page builder for WordPress.

Dark Reading tapped K2 Cyber Security’s CEO and Co-Founder, Pravin Madhani for commentary.

Click here to read the complete article on Dark Reading.

K2 CYBER SECURITY

K2 Cyber Security delivers the Next Generation Application Security Platform to secure web applications and container workloads against sophisticated attacks in OWASP Top 10 and provides exploitable vulnerability detection during pre-production. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production/QA servers for interactive application security testing to identify the location of the vulnerable code. K2’s solution generates almost no false positives, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools like Web Application Firewalls and host based EDR, finds missed exploitable vulnerabilities and dramatically reduces security cost. K2 Cyber Security is headquartered in the USA and provides cyber security solutions globally.

CONTACT INFO

K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131