mBlog.my Free Wordpress Hosting

If you run a WordPress site and you use the Elementor website creation toolkit, you could be at risk of a security hole that combines data leakage and remote code execution.

That’s if you use a plugin called Essential Addons for Elementor, which is a popular tool for adding visual features such as timelines, image galleries, ecommerce forms and price lists.

An independent threat researcher called Wai Yan Myo Thet recently discovered what’s known as a file inclusion vulnerability in the product.

This security hole made it possible for attackers to trick the plugin into accessing…

John Leyden

02 February 2022 at 15:37 UTC

Updated: 02 February 2022 at 16:17 UTC

WordPress plugin problem patched

Developers have fixed a critical vulnerability in Essential Addons for Elementor, a popular WordPress plugin with more than one million active installations.

The security flaw, discovered by Wai Yan Myo Thet, creates a mechanism for any user to perform a local file inclusion (LFI) attack.

Worse yet, the vulnerability is capable of being leveraged to achieve remote code execution (RCE)…

The Essential Addons for Elementor WordPress plugin, with over a million users recently patched multiple vulnerabilities that could have allowed malicious attackers to run arbitrary code on a targeted WordPress website.

LFI to RCE Attack Vulnerability

According to the U.S. Government NIST website, vulnerabilities on the Essential Addons for Elementor plugin made it possible for an attacker to launch a a Local File Inclusion attack, which is an exploit that allows an attacker to cause a WordPress installation to reveal sensitive information and read arbitrary files.

From there the attack…

Nowadays maximum of people choose WordPress hosting for content posting and content marketing systems equally. The WordPress hosting is able to provide you with all the best services like Excellent data security, site maintenance, and Last but most important that they provide a high level of security while posting the website content on their site. There are numerous numbers of parameters that play a significant role while choosing WordPress hosting. Without the parameters and knowing them all you cannot just select or pick out any one of them for posting your website content.

If…

A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites.

The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts.

“This vulnerability allows any user, regardless of their authentication or authorization status, to perform a local file inclusion attack,” Patchstack said in a report. “This attack can be used to include local files on the…

One of my favorite tools in the past few days is the Block X-ray Attributes plugin by Sal Ferrarello. It is geared toward developers and shows block attributes in the WordPress editor.

After seeing his tweet on Friday, I immediately installed it.

One of my favorite tools in the past few days is the Block X-ray Attributes plugin by Sal Ferrarello. It is geared toward developers and shows block attributes in the WordPress editor.

After seeing his tweet on Friday, I immediately installed it.

Over one million WordPress websites might have been impacted by a critical vulnerability in the Essential Addons for Elementor plugin.

Essential Addons for Elementor provides WordPress site admins with more than 80 elements and extensions to help them easily design WordPress pages and posts.

Affecting version 5.0.4 and earlier of the plugin, the security flaw allows any user to perform a local file inclusion attack, regardless of their authentication or authorization level. The attack then could lead to remote code execution, if the included file contains malicious PHP code.

The issue was…

Freelance WordPress developer Aurooba Ahmed released the Super List Block plugin earlier today. Essentially, it is like the core WordPress List block — just supercharged. It is her first publicly-released extension on WordPress.org.

The primary use case for the plugin is adding other blocks within the list items. However, its options allow users to take it further by supporting grid-based layouts.

WordPress does not currently allow end-users to nest other blocks into list items via the editor. It is rich text or nothing, and it can be an irritating part of the editing experience…

New Jersey, United States,- The Blogging Platforms Market report covers the whole scenario of the global market including key players, their future promotions, preferred vendors, market shares along with historical data and price analysis. It continues to offer key details on changing dynamics to generate market improving factors. It aims to rationalize the expenses of the company. You can also find the current revenue generation rate and spend score here. The best thing about the Blogging Platforms market report is the provision of guidelines and strategies followed by major market…