Critical RCE Vulnerability in Elementor WordPress Plugin

Critical RCE Vulnerability in Elementor WordPress Plugin

Security Risk: High

Exploitation Level: Easy

CVSS Score: 9.9

Vulnerability: Remote code execution (RCE)

Patched Version: 3.6.3

On April 12th, an important security update was released for the Elementor plugin patching a critical remote code vulnerability which allows all authenticated users, including subscribers, to upload and execute arbitrary PHP code on a vulnerable website.

This vulnerability, identified as CVE-2022-1329, is extremely severe.

Continue reading Critical RCE Vulnerability in Elementor WordPress Plugin at Sucuri Blog.

Read more: Critical RCE Vulnerability in Elementor WordPress Plugin

Story added 14. April 2022, content source with full text you can find at link above.