Critical RCE Vulnerability in Elementor WordPress Plugin

Critical RCE Vulnerability in Elementor WordPress Plugin

Security Risk: High

Exploitation Level: Easy

CVSS Score: 9.9

Vulnerability: Remote code execution (RCE)

Patched Version: 3.6.3

On April 12th, an important security update was released for the Elementor plugin patching a critical remote code vulnerability which allows all authenticated users, including subscribers, to upload and execute arbitrary PHP code on a vulnerable website.

This vulnerability, identified as CVE-2022-1329, is extremely severe.

Continue reading Critical RCE Vulnerability in Elementor WordPress Plugin at Sucuri Blog.

Source: https://blog.sucuri.net/2022/04/critical-rce-vulnerability-in-elementor-wordpress-plugin.html