If you have a blog or a site based on the WordPress platform and with a particular plugin you must read this article very carefully. Is that two high risk vulnerabilities were found in the plugin Page Builder which is used on millions of websites. In practice, it allows criminals to create new administration accounts, implement backdoors and ultimately take care of any compromised sites.
Do you have a blog with this plugin? You could be without your site!
The vulnerabilities affect several versions up to 2.10.15, inclusive. However, in 2.10.16 this problem is already solved. So if for some reason you have this system of composing pages on your blog, you must do the update right away! In most cases, we always leave it for later.
The attack works in a very simple way. Attackers can exploit security holes by getting WordPress website administrators to click on special links or attachments that lead to the execution of malicious code.
Both vulnerabilities were classified as highly serious by the Wordfence team, which is one of the most well-known firewalls in the world WordPress. As soon as they realized this problem, they analyzed and reported the failure to the programmer who the next day released a correction.
These security breaches are really serious as they can cause a person to lose all of their work. For example, it is enough for a malicious user to create an administration account and delete all articles and plugins that are installed on the site.
The reason we are giving voice to this alert is that despite the programmer having quickly released a correction, out of a million users, only 220 thousand have updated it.
However, this is not the only plugin that is being attacked. As of May 6, vulnerabilities began to be exploited in Elementor Pro and Ultimate Addons for Elementor WordPress that could redirect visitors to a specific website to a malicious page or place backdoors.
That is, when it comes to blogging it is always very important to keep everything up to date. It just takes a second to apply an update and the worst can happen.
Founder of Leak, he debuted online in 1999 when he created CDRW.co.pt. He took his first steps into the world of technology with the Spectrum 48K and never left computers. It is addicted to mobile phones, tablets and gadgets.