It goes without saying that the vast majority of websites on the Internet are created using WordPress.

Elementor and WP Super Cache plugins are two of the most commonly used plugins for creating websites on WordPress, and Wordfence researchers have now discovered a flaw in this plugin.

The Hacker News website points out that it is even possible to gain admin access to the site using this vulnerability, and if you use one of these plugins, they are advised to update to the latest version as soon as possible.

This vulnerability has been fixed in version 3.1.4 of the Elementor plugin and version 1.7.2 of the WP Super Cache plugin, the main vulnerability being the ability to perform cross-site scripting (XSS) attacks.

Most of the articles written by a normal user on a WordPress website are reviewed by an admin or an editor, and when opening the relevant articles for such review, another admin user can create an XSS attack using the admin session automatically. Has received via.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like