Security researchers have found very serious vulnerabilities in two popular add-ons to WordPress – Elementor and WP Super Cache.
Both add-ons have millions of users worldwide. Elementor with seven million and WP Super Cache has two million users.
It’s the website The Hacker News who first reports on the news. Security researchers at Wordfence identified the vulnerabilities and wrote about them on their website.
According to information, the vulnerabilities allow malicious code to run, which can lead to a whole host of annoyances. Here’s how Wordfence details the vulnerabilities:
- WP Super Cache – RCE vulnerabilities that allow hackers to run malicious code that takes over your website.
The developers behind both Elementor and WP Super Cache have received information about the vulnerabilities and fixed them with newer versions.
Elementor found out about the vulnerability on February 23 and had a solution ready with version 3.1.4 on March 8. Automatic behind WP Super Cache fixed the vulnerability with version 1.7.2.
If you have any extensions, you must update them as soon as possible to have maximum protection.