Security Notice: Vulnerability in the WordPress Plugin Elementor Pro
Posted by Miles R on 20 May 2020 02:04 PM

Dear hostgator customer:

A vulnerability (a remote code execution (RCE) attack) has been discovered in the WordPress plugin Elementor Pro that could allow code to be executed remotely.
WordPress is a web-based publishing application implemented in PHP, and the Elementor Pro plugin allows website designers and creators to build web pages using custom themes and widgets. This vulnerability could be exploited to execute code remotely.
Hackers are actively exploiting two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins, with the end goal of remotely executing arbitrary code and fully compromising sites whose plugins have not been updated.

Affected plugin:
Elementor Pro plugin prior to version 2.9.4

The exploit
1) Attackers who successfully exploit this security flaw can install backdoors or web shells to maintain access to the compromised site, gain full administrator access to completely compromise it, or even wipe the entire site.
2) If they cannot register as users, they can exploit the second vulnerability, affecting the Ultimate Addons for Elementor WordPress plugin (installed on more than 110,000 sites), which lets them register as users on any site running that plugin even when user registration is disabled.
3) They then use the newly registered accounts to exploit the Elementor Pro vulnerability and achieve remote code execution.

What you need to do:
1) After appropriate testing, immediately update your site to the new version provided by Elementor.
2) Update Elementor Pro to version 2.9.4 or later, which fixes the remote code execution vulnerability.
3) For Ultimate Addons for Elementor, users should upgrade to version 1.24.2 or later.
4) For VPS and dedicated servers, before updating the plugins, confirm that the system has not already suffered a site intrusion resulting from these vulnerabilities.

For more details, refer to the links below:

https://www.wordfence.com/blog/2020/05/combined-attack-on-elementor-pro-and-ultimate-addons-for-elementor-puts-1-million-sites-at-risk/
https://www.bleepingcomputer.com/news/security/critical-wordpress-plugin-bug-lets-hackers-take-over-1m-sites/

If you have any questions, please contact our support team.

If you have any questions about this, please feel free to get in touch with us.

-----------------------------------------------------------------------------------------------------------------------------------------------------

Dear Customer,

A vulnerability (Remote Code Execution (RCE) attack) has been discovered in the Elementor Pro Plugin that could allow for remote code execution. WordPress is a web-based publishing application implemented in PHP, and the Elementor Pro Plugin allows website designers and creators to create webpages using custom themes and widgets. Successful exploitation of this vulnerability could allow for remote code execution.

Hackers are actively exploiting two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins with the end goal of remotely executing arbitrary code and fully compromising unpatched targets.

Plugin Affected:
Elementor Pro plugin prior to 2.9.4

The Exploit:
1) The attackers who successfully exploit this security flaw can then install backdoors or web shells to maintain access to the compromised sites, gain full admin access to fully compromise it, or even wipe the entire site.
2) If they can't register as users, they can exploit the second vulnerability affecting the Ultimate Addons for Elementor WordPress plugin (installed on over 110,000 sites) which will allow them to register as subscriber-level users on any site running the plugin even if user registration is disabled.
3) Then they proceed to use the newly registered accounts to exploit the Elementor Pro vulnerability and achieve remote code execution.

What should be done:
1) Apply appropriate updates provided by Elementor manually to affected systems, immediately after appropriate testing.
2) Update Elementor Pro to version 2.9.4 or above which fixes the remote code execution vulnerability.
3) For Ultimate Addons for Elementor, users should upgrade to version 1.24.2 or later.
4) Verify no unauthorized system modifications have occurred on the system before applying the patch.
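One way to carry out the version check behind steps 2 and 3 on a server, as an added example that is not part of this notice or of Elementor's own tooling: it reads the standard WordPress plugin header of each top-level .php file under wp-content/plugins and compares the Version field numerically against the fixed releases named above (2.9.4 and 1.24.2). Matching on the "Plugin Name:" header values and the directory layout are assumptions, and the sample headers are constructed.

```python
import re
from pathlib import Path

# Fixed releases named in the advisory, keyed by the plugin's "Plugin Name:" header (assumed values).
FIXED_VERSIONS = {"Elementor Pro": "2.9.4", "Ultimate Addons for Elementor": "1.24.2"}

# Matches standard WordPress plugin header lines such as " * Version: 2.9.3".
HEADER_RE = re.compile(r"^\s*\*?\s*(Plugin Name|Version):\s*(.+?)\s*$", re.M)

def parse_plugin_header(text):
    """Return {'Plugin Name': ..., 'Version': ...} from a plugin's main PHP file."""
    return dict(HEADER_RE.findall(text))

def version_tuple(v):
    """'2.9.4' -> (2, 9, 4): compare numerically, since as strings '2.10.0' < '2.9.4'."""
    return tuple(int(p) for p in re.findall(r"\d+", v))

def is_vulnerable(name, version):
    """True if the advisory covers this plugin and the version predates its fix; None if not covered."""
    fixed = FIXED_VERSIONS.get(name)
    if fixed is None:
        return None
    return version_tuple(version) < version_tuple(fixed)

def audit_headers(header_texts):
    """[(name, version, vulnerable)] for every header naming a plugin the advisory covers."""
    findings = []
    for text in header_texts:
        h = parse_plugin_header(text)
        name, version = h.get("Plugin Name"), h.get("Version")
        if name in FIXED_VERSIONS and version:
            findings.append((name, version, is_vulnerable(name, version)))
    return findings

def audit_plugins_dir(plugins_dir):
    """Like WordPress, read the header of each top-level .php file in every plugin directory."""
    texts = [p.read_text(errors="ignore")[:4096] for p in Path(plugins_dir).glob("*/*.php")]
    return audit_headers(texts)

# Constructed sample headers (not real plugin files) so the check runs offline.
SAMPLE_HEADERS = [
    "<?php\n/**\n * Plugin Name: Elementor Pro\n * Version: 2.9.3\n */\n",
    "<?php\n/**\n * Plugin Name: Ultimate Addons for Elementor\n * Version: 1.24.2\n */\n",
    "<?php\n/**\n * Plugin Name: Some Other Plugin\n * Version: 1.0\n */\n",
]

if __name__ == "__main__":
    for name, version, vulnerable in audit_headers(SAMPLE_HEADERS):
        print(f"{name} {version}: {'UPDATE REQUIRED' if vulnerable else 'patched'}")
```

On a live host, call audit_plugins_dir("/path/to/wp-content/plugins") instead of the samples; a True in the third field means the plugin is still on a release the advisory names as vulnerable.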

For more details, refer to the links given below:

https://www.wordfence.com/blog/2020/...sites-at-risk/
https://www.bleepingcomputer.com/new...over-1m-sites/

Please contact our support team if you have any questions.
