Vulnerability Roundup – April 2022

Vulnerability Roundup – April 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises.

To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this past month.

Remote Code Execution (RCE)
Elementor WordPress Plugin

  • Installations: 5,000,000+
  • Patched Version: 3.6.3
  • Vulnerability: Remote code execution (RCE)
  • Severity: Critical
  • CVE: CVE-2022-1329

This critical vulnerability leverages a lack of capability checks found in vulnerable versions of the Elementor plugin.

Continue reading Vulnerability Roundup – April 2022 at Sucuri Blog.

Via Sucuri.net

Tags: , , ,