Wordpress is one of the biggest free and open-source content management system (CMS). The platform allows its users to use plugins to better their services. It was reported that one of these add-ons has a vulnerability that could be exploited by hackers.
Elementor website builder has more than 5 million downloads and possesses a Remote Code Execution flaw. Plugin Vulnerabilities claimed that the add-on isn’t handling basic security right, as it found many functionalities where capabilities checks were missing where they shouldn’t.
The flaw was traced back to one of the latest versions of the add-in; version 3.6 that was introduced on March 22. As at the time of writing, 30.3% of the total users of this plugin have downloaded the most recent release.
Current stats suggest that more than 1.5 million websites are currently at risk of cyber attacks as they run on the said version. The team claimed that Elementor is not taking the security of its users into consideration it continues to release versions that have bugs or other issues that could result in vulnerabilities.
Wordpress Continues to grow
Last week it was reported that the Email Protection WordPress Plugin is a simple tool to protect the email addresses displayed on your website from detection and capture by web crawlers. You can still display email addresses according to custom preferences, with control over fonts, colors and more, but you’ll ensure that criminal data mining misses those emails when trawling the web.
