Tens of Thousands of Websites Vulnerable to RCE Flaw in WordPress Plug-in
Dark Reading covered a recent RCE flaw found in a WordPress Plug-in. Potentially tens — and even hundreds — of thousands of websites powered by WordPress are vulnerable to attack via a remote code execution (RCE) bug in a widely used plug-in called Essential Addons for Elementor.
The plug-in has over 1 million installations worldwide and is designed to let website owners add a variety of customizations to pages that were built using the Elementor page builder for WordPress.
Dark Reading tapped K2 Cyber Security’s CEO and Co-Founder, Pravin Madhani for commentary.