{"id":349,"date":"2023-04-03T11:18:11","date_gmt":"2023-04-03T11:18:11","guid":{"rendered":"https:\/\/certerassl.com\/blog\/?p=349"},"modified":"2023-06-05T11:55:52","modified_gmt":"2023-06-05T11:55:52","slug":"elementor-pro-vulnerability-hackers-exploited-bug","status":"publish","type":"post","link":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/","title":{"rendered":"WordPress Plugin Elementor Pro Found Vulnerable &#8211; Hackers Exploited Bug"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">WordPress Elementor Pro Vulnerability put Millions of sites in danger: Hackers aggressively Exploited Bug<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A critical vulnerability&nbsp;has been discovered in the extensively used <strong>Elementor Pro WordPress Plugin<\/strong>. Hackers are constantly attempting to leverage the flaw, which affects versions before v3.11.6 and affects over eleven million websites. This Threat feed will dig deeply into the vulnerability\u2019s details and consequences<strong>.<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Elementor Pro<\/strong> is a WordPress page builder tool that helps users to create professional-looking websites without learning how to code. It includes drag and drop, a template library, theme building, and a WooCommerce builder.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">The Identification of the Vulnerability<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>NinTechNet<\/strong> researcher <strong>Jerome Bruandet<\/strong> found this vulnerability on March 18, 2023, and provided technical information about how the flaw can be abused when set up alongside WooCommerce.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Technical information on the Vulnerability<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The <strong>Elementor Pro flaw<\/strong> is exceptionally dangerous because it enables attackers to breach security measures and obtain access to the website&#8217;s backend.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">According to the researcher, the vulnerability is caused by faulty control of access on the <strong>WooCommerce module (&#8220;elementor-pro\/modules\/woocommerce\/module.php&#8221;),<\/strong> which allows anyone to change WordPress settings in the database without adequate verification.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The flaw can be exploited due to poorly designed input validation and the deficiency of capability controls in the weak <strong>AJAX action<\/strong> or <strong>pro_woocommerce_update_page_option<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Consequences of the Vulnerability<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Bruandet briefly explained this in a technical article about the issue. <em>&#8220;An authenticated attacker can use the vulnerability to create an administrator account through registration and setting the default role to &#8220;administrator,&#8221; alter the email address of the administrator, or reroute all incoming traffic to a malicious website by changing the site URL.&#8221;<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It is essential to note that to abuse the specific vulnerability, the WooCommerce plugin, which triggers the corresponding susceptible module on Elementor Pro, must be downloaded on the site.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Elementor Pro Vulnerability Aggressively Exploited<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">According to WordPress security company &#8220;<strong>PatchStack<\/strong>,&#8221; malicious users are vigorously exploiting the Elementor Pro plugin bug to reroute legitimate users to harmful sites or upload backdoors to the compromised site. Moreover, PatchStack has uncovered that the backdoors uploaded to implement the attack name as wp-rate.php or lll.zip, wp-resortpark.zip. &nbsp;\u201cBleepingComputer\u201d discovered a copy of the lll.zip archive, which includes a PHP script that enables an external attacker to upload more documents to the hacked server.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This backdoor would grant the intruder complete access to the WordPress site, allowing them to take data or upload destructive malicious code. The majority of attacks on vulnerable websites are launched from three IP addresses: 193.169.194.63, 193.169.195.64, and 194.135.30.6.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Suggestions for Elementor Pro Users<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Fortunately, WordPress Elementor Pro Vulnerability was patched on March 22nd, just four days after it was found and put forward to the authors. Patchstack, on the other hand, reports ongoing exploitation from multiple IP addresses, files being uploaded to more vulnerable sites, and site URLs moving to malicious user-controlled locations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To avoid becoming a victim of this security flaw, it is essential to update to the most recent version of Elementor Pro, 3.11.7, or later as soon as possible. It is also recommended that the three IP addresses (above-mentioned IP addresses) be added to a block list.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This is not the first time hackers have attacked WordPress plugins. WordPress was compelled to carry out a forced upgrade of the WooCommerce Payments plugin, which is used by online shops, last week.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As per the <a href=\"https:\/\/elementor.com\/help\/elementor3-11-7-security-vulnerability-resolved\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">official statement from Elementor Pro<\/a>, the vulnerability was resolved in version 3.11.7.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"recent-vulnerabilities-and-attacks-of-2023\">Recent Vulnerabilities and Attacks of 2023<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/certera.com\/blog\/balada-malware-infects-million-wordpress-websites\">Balada Malware Attack on WordPress<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\">WordPress Plugin Elementor Pro Found Vulnerable<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/blog\/chrome-zero-day-exploit\" target=\"_blank\" rel=\"noreferrer noopener\">Chrome Zero-Day Exploit 2023<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/blog\/decoy-dog-malware-toolkit-uncovered\">Decoy Dog Malware Toolkit<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/blog\/wordpress-code-snippets-plugin-vulnerability-1-million-sites-compromised\">WordPress Code Snippets Plugin Vulnerability<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/blog\/western-digital-data-breach-10-tb-customer-data-stolen\">Western Digital Data Breach<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/certera.com\/blog\/atomic-wallet-security-glitch-35m-cryptocurrency-theft\">Atomic Wallet Security Glitch<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>WordPress Elementor Pro Vulnerability put Millions of sites in danger: Hackers aggressively Exploited Bug A critical vulnerability&nbsp;has been discovered in the extensively used Elementor Pro WordPress Plugin. Hackers are constantly attempting to leverage the flaw, which affects versions before v3.11.6 and affects over eleven million websites. This Threat feed will dig deeply into the vulnerability\u2019s<span class=\"morelink d-block mt-3\"><a href=\"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/\">Read More<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":354,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[29,33],"class_list":["post-349","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerability","tag-cyberattack","tag-vulnerability","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Elementor Pro WordPress Plugin Vulnerability - Sites Under Risks<\/title>\n<meta name=\"description\" content=\"Learn about the recent Elementor Pro WordPress Plugin vulnerability and its potential impact on the website,\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Elementor Pro WordPress Plugin Vulnerability - Sites Under Risks\" \/>\n<meta property=\"og:description\" content=\"Learn about the recent Elementor Pro WordPress Plugin vulnerability and its potential impact on the website,\" \/>\n<meta property=\"og:url\" content=\"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/\" \/>\n<meta property=\"og:site_name\" content=\"EncryptedFence by Certera - Web &amp; Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/certeraLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-03T11:18:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-05T11:55:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/04\/wp-sites-under-risks-jpg.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"620\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Janki Mehta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:site\" content=\"@certera_llc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Janki Mehta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/\"},\"author\":{\"name\":\"Janki Mehta\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\"},\"headline\":\"WordPress Plugin Elementor Pro Found Vulnerable &#8211; Hackers Exploited Bug\",\"datePublished\":\"2023-04-03T11:18:11+00:00\",\"dateModified\":\"2023-06-05T11:55:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/\"},\"wordCount\":616,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/wp-sites-under-risks-jpg.webp\",\"keywords\":[\"cyberattack\",\"vulnerability\"],\"articleSection\":[\"Vulnerability\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#respond\"]}],\"copyrightYear\":\"2023\",\"copyrightHolder\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/\",\"name\":\"Elementor Pro WordPress Plugin Vulnerability - Sites Under Risks\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/wp-sites-under-risks-jpg.webp\",\"datePublished\":\"2023-04-03T11:18:11+00:00\",\"dateModified\":\"2023-06-05T11:55:52+00:00\",\"description\":\"Learn about the recent Elementor Pro WordPress Plugin vulnerability and its potential impact on the website,\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#primaryimage\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/wp-sites-under-risks-jpg.webp\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/wp-sites-under-risks-jpg.webp\",\"width\":960,\"height\":620,\"caption\":\"WP Sites under risks - Elementor Pro Vulnerability\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/elementor-pro-vulnerability-hackers-exploited-bug\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/certera.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WordPress Plugin Elementor Pro Found Vulnerable &#8211; Hackers Exploited Bug\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"name\":\"EncryptedFence by Certera - Web & Cyber Security Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\"},\"alternateName\":\"Certera's EncryptedFence Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/certera.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#organization\",\"name\":\"Certera\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"contentUrl\":\"https:\\\/\\\/certera.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/logo-encryptedfence.svg\",\"caption\":\"Certera\"},\"image\":{\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/certeraLLC\\\/\",\"https:\\\/\\\/x.com\\\/certera_llc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/certera-llc\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/certera.com\\\/blog\\\/#\\\/schema\\\/person\\\/e5a476aa90d9e02260ebfe4b0bf046b7\",\"name\":\"Janki Mehta\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g\",\"caption\":\"Janki Mehta\"},\"description\":\"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\\\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.\",\"sameAs\":[\"https:\\\/\\\/certerassl.com\\\/\"],\"url\":\"https:\\\/\\\/certera.com\\\/blog\\\/author\\\/certerabguser\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Elementor Pro WordPress Plugin Vulnerability - Sites Under Risks","description":"Learn about the recent Elementor Pro WordPress Plugin vulnerability and its potential impact on the website,","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/","og_locale":"en_US","og_type":"article","og_title":"Elementor Pro WordPress Plugin Vulnerability - Sites Under Risks","og_description":"Learn about the recent Elementor Pro WordPress Plugin vulnerability and its potential impact on the website,","og_url":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/","og_site_name":"EncryptedFence by Certera - Web &amp; Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/certeraLLC\/","article_published_time":"2023-04-03T11:18:11+00:00","article_modified_time":"2023-06-05T11:55:52+00:00","og_image":[{"width":960,"height":620,"url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/04\/wp-sites-under-risks-jpg.webp","type":"image\/jpeg"}],"author":"Janki Mehta","twitter_card":"summary_large_image","twitter_creator":"@certera_llc","twitter_site":"@certera_llc","twitter_misc":{"Written by":"Janki Mehta","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#article","isPartOf":{"@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/"},"author":{"name":"Janki Mehta","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7"},"headline":"WordPress Plugin Elementor Pro Found Vulnerable &#8211; Hackers Exploited Bug","datePublished":"2023-04-03T11:18:11+00:00","dateModified":"2023-06-05T11:55:52+00:00","mainEntityOfPage":{"@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/"},"wordCount":616,"commentCount":0,"publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"image":{"@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/04\/wp-sites-under-risks-jpg.webp","keywords":["cyberattack","vulnerability"],"articleSection":["Vulnerability"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#respond"]}],"copyrightYear":"2023","copyrightHolder":{"@id":"https:\/\/certera.com\/blog\/#organization"}},{"@type":"WebPage","@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/","url":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/","name":"Elementor Pro WordPress Plugin Vulnerability - Sites Under Risks","isPartOf":{"@id":"https:\/\/certera.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#primaryimage"},"image":{"@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#primaryimage"},"thumbnailUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/04\/wp-sites-under-risks-jpg.webp","datePublished":"2023-04-03T11:18:11+00:00","dateModified":"2023-06-05T11:55:52+00:00","description":"Learn about the recent Elementor Pro WordPress Plugin vulnerability and its potential impact on the website,","breadcrumb":{"@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#primaryimage","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/04\/wp-sites-under-risks-jpg.webp","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/04\/wp-sites-under-risks-jpg.webp","width":960,"height":620,"caption":"WP Sites under risks - Elementor Pro Vulnerability"},{"@type":"BreadcrumbList","@id":"https:\/\/certera.com\/blog\/elementor-pro-vulnerability-hackers-exploited-bug\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/certera.com\/blog\/"},{"@type":"ListItem","position":2,"name":"WordPress Plugin Elementor Pro Found Vulnerable &#8211; Hackers Exploited Bug"}]},{"@type":"WebSite","@id":"https:\/\/certera.com\/blog\/#website","url":"https:\/\/certera.com\/blog\/","name":"EncryptedFence by Certera - Web & Cyber Security Blog","description":"","publisher":{"@id":"https:\/\/certera.com\/blog\/#organization"},"alternateName":"Certera's EncryptedFence Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/certera.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/certera.com\/blog\/#organization","name":"Certera","url":"https:\/\/certera.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","contentUrl":"https:\/\/certera.com\/blog\/wp-content\/uploads\/2023\/08\/logo-encryptedfence.svg","caption":"Certera"},"image":{"@id":"https:\/\/certera.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/certeraLLC\/","https:\/\/x.com\/certera_llc","https:\/\/www.linkedin.com\/company\/certera-llc\/"]},{"@type":"Person","@id":"https:\/\/certera.com\/blog\/#\/schema\/person\/e5a476aa90d9e02260ebfe4b0bf046b7","name":"Janki Mehta","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1fba817ef81065f1393461fc3a0d85c40f2cc826919819ea4df4b12d76566e62?s=96&d=https%3A%2F%2Fcertera.com%2Fblog%2Fwp-content%2Fuploads%2F2023%2F02%2Fhttps-vs-sftp-jpg.webp&r=g","caption":"Janki Mehta"},"description":"Janki Mehta is a passionate Cyber-Security Enthusiast who keenly monitors the latest developments in the Web\/Cyber Security industry. She puts her knowledge into practice and helps web users by arming them with the necessary security measures to stay safe in the digital world.","sameAs":["https:\/\/certerassl.com\/"],"url":"https:\/\/certera.com\/blog\/author\/certerabguser\/"}]}},"_links":{"self":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/349","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/comments?post=349"}],"version-history":[{"count":11,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/349\/revisions"}],"predecessor-version":[{"id":1027,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/posts\/349\/revisions\/1027"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media\/354"}],"wp:attachment":[{"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/media?parent=349"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/categories?post=349"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certera.com\/blog\/wp-json\/wp\/v2\/tags?post=349"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}