A recent report has revealed a serious security vulnerability within the ‘Word Press’ content management system that causes the privacy of millions of people to be compromised.
Cybersecurity firm NinTechNet researcher Jerome Bruandt said the vulnerability, rated 8.8 in terms of gravity, it is contained within an add-on called Elementor Pro, which allows its users to create websites with professional tools of high quality and functionality, and the number of its users reaches 12 million sites web on “WordPress.
The report states that the severity of the vulnerability lies in the fact that it allows any user or visitor of the affected sites to create a new account with superior powers to manage the sites and in whereby it obtains full authority to dispose of all forms of content available on those sites.
The report adds that the vulnerability allows the attacker to create an account with the authority of a site operator, to fully control the content posted or viewed, and can also delete the accounts of current managers, which makes the site in the hands of the hacker, and the site managers will not in able to retrieve it easily.
Elementor, who developed the add-on in security vulnerability appeared, tried to fix it and released an update software with the number 3.11.7 to bridge it.
PatchStack, a cybersecurity company, explained that the vulnerability is already being exploited by groups of hackers to launch attacks on websites built on the “Word Press” system and using plug-insin infected by the vulnerability.
Security researchers have warned all users of the infected extensions and stressed the need to update them to the latest version released by the developers to ensure the security of their websites, preserve the privacy of their data and ensure that hackers do not access the data of the site.
And according to Statista statistics, the number of sites web running the “Word Press” system reached 810 million in 2022.
The post Millions of People at Risk of Privacy Violation due to Critical Security Flaw in WordPress appeared first on Asume Tech.
from Technology - Asume Tech https://asumetech.com/millions-of-people-at-risk-of-privacy-violation-due-to-critical-security-flaw-in-wordpress/
No comments:
Post a Comment