Malcare researchers have discovered two critical and highly severe vulnerabilities that underpin the “Ultimate Addons for Elementor” and “Ultimate Addons for Beaver Builder” WordPress plugins. Ultimate Addons is a widely-used plugin that allows WordPress website designers to create their websites a lot faster and easier. Hundreds of thousands of websites out there have been built using Ultimate Addons, as these tools enable non-tech-savvy to reach the desired results without much effort. That said, discovering a vulnerability in these plugins, and especially one that is very easy to exploit is hugely important. Malcare discovered that hackers could gain admin access to any website that had the above plugins installed, potentially gaining full control of the target. The discovery took place on December 11, 2019, and a patch was released immediately, within a couple of hours. ‘Ultimate Addons’ Plugins for WordPress are Vulnerable to Exploitation
thumbnail courtesy of technadu.com