HomeNewsA security flaw has been discovered in a famous WordPress plugin

A security flaw has been discovered in a famous WordPress plugin

-

Last Updated on 22/11/2021 by Riya

A security flaw has been found in a famous plugin that puts over a million WordPress websites’ data at risk. Wordfence Threat Intelligence experts disclosed a hole in the Starter Templates – Elementor, Gutenberg & Beaver Builder Templates plugin assist contributor-level users to overwrite any page on the website and inject malicious JavaScript at will.

However, the flaw was fixed on October 7 and all users were suggested to upgrade to the new version 2.7.5 in order to avoid further exposure. Several users use the WordPress plugin to utilize pre-designed templates from other website builders including Elementor.

According to Wordfence, such flaw can be exploited in different ways such as taking users to a malicious website, hijacking an admin session to add new admins, or adding a backdoor to the site to take the charge of the entire site.

To avoid such circumstances Wordfence advised all affected users to share this news of the security flaw with the other sites so that they can protect themselves against any cybercrime.

This is not the first time WordPress users experience a vulnerability, on August 3, two serious security flaws were discovered in the Ninja Forms WordPress plugin, putting the data of over 1,000,000 users at danger of being hacked.

Riya
Riya
Riya is a technology enthusiast and an avid researcher. She writes about consumer tech, hacking, and technology consumer issues at TheDigitalHacker.
- Advertisment -

Must Read

DirectTV streaming network will sell your data even if you don’t...

0
DirectTV is a streaming network that delivers streaming content as a service. The content is generally live sports and 14.6M+ people subscribe to their...