What Went Wrong?
- The Plugins: Both plugins, which facilitate advanced design functionalities for WordPress websites, contain a vulnerability classified as an authentication bypass bug.
- The Issue: MalCare, a renowned security firm, highlighted that this loophole allows attackers to gain full control of a WordPress site using the affected plugins.
- Quick Action: Upon discovery, Brainstorm Force was swift in its response, rolling out fixes within seven hours for both plugins. It’s crucial for users to update to the patched versions immediately: Ultimate Addons for Beaver Builder (version 1.2.4.1) and Ultimate Addons for Elementor (version 1.20.1).
Exploitation in the Wild
WebARX’s research team found active exploitation attempts on sites using the vulnerable Elementor plugin. The modus operandi involved hackers uploading a file (tmp.zip) that installs a fake SEO stats plugin, which subsequently adds a backdoor to the affected site’s root directory.
How Does The Exploit Work?
The vulnerability hinges on the email address of a site’s admin user. With this email address and the affected plugin active, hackers can simply log into WordPress with admin rights. WebARX explains that the weak link lies in the plugin’s feature that offers login options via username/password, Facebook, and Google. The authentication tokens from Facebook and Google weren’t being validated, leading to this critical lapse.
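The defensive pattern the article describes as missing, shown as an added illustration rather than the plugin’s actual code: the provider-issued ID token is validated with Google (signature, expiry, issuer), its audience is checked against this site’s client ID, and only then is the email claim used to look up an existing account. The function names and the `$expected_client_id` parameter are assumptions for this example; the WordPress helpers (`wp_remote_get`, `get_user_by`, `wp_set_auth_cookie`) and Google’s tokeninfo endpoint are real.

```php
<?php
// Hypothetical hardened Google-login handler for a WordPress plugin (example
// code, not Brainstorm Force's). The reported flaw was that the social-login
// token was never validated, so any email address was accepted as proof of identity.

function example_verify_google_id_token( $id_token, $expected_client_id ) {
    // Let Google check the token's signature, expiry and issuer for us.
    $response = wp_remote_get(
        'https://oauth2.googleapis.com/tokeninfo?id_token=' . rawurlencode( $id_token ),
        array( 'timeout' => 10 )
    );
    if ( is_wp_error( $response ) || 200 !== wp_remote_retrieve_response_code( $response ) ) {
        return new WP_Error( 'invalid_token', 'Google rejected the ID token.' );
    }
    $claims = json_decode( wp_remote_retrieve_body( $response ), true );
    if ( ! is_array( $claims ) ) {
        return new WP_Error( 'invalid_token', 'Unparseable tokeninfo response.' );
    }
    // A token that Google accepts may still have been issued to a different app;
    // the audience must be this site's own OAuth client ID.
    if ( empty( $claims['aud'] ) || ! hash_equals( (string) $expected_client_id, (string) $claims['aud'] ) ) {
        return new WP_Error( 'invalid_token', 'Token audience does not match this site.' );
    }
    // tokeninfo reports email_verified as the string "true"; accept only a verified email.
    $verified = filter_var( $claims['email_verified'] ?? false, FILTER_VALIDATE_BOOLEAN );
    if ( empty( $claims['email'] ) || ! $verified ) {
        return new WP_Error( 'invalid_token', 'Token carries no verified email.' );
    }
    return $claims['email'];
}

function example_login_with_google( $id_token, $expected_client_id ) {
    $email = example_verify_google_id_token( $id_token, $expected_client_id );
    if ( is_wp_error( $email ) ) {
        return $email; // never fall back to an email supplied by the client
    }
    // Only map the verified email to an account that already exists.
    $user = get_user_by( 'email', $email );
    if ( ! $user ) {
        return new WP_Error( 'no_user', 'No account is registered for this email.' );
    }
    wp_set_current_user( $user->ID );
    wp_set_auth_cookie( $user->ID, false, is_ssl() );
    return $user;
}
```

The same shape applies to the Facebook path: the access token must be confirmed with the provider (Graph API `debug_token`) and tied to this app before its user data is trusted.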
Brainstorm Force Responds
Though the potential number of affected customers remains unknown, Brainstorm Force has actively addressed the issue. The company has not only released an update patching the vulnerability but has also assured users that updating the plugin is a straightforward process.
Takeaway for WordPress Users
This incident underscores the importance of regularly updating plugins and keeping abreast of security advisories. For those using either of the Brainstorm Force plugins, immediate updating is crucial.
For a comprehensive understanding of cyber solutions tailored for businesses, explore the Cybersecurity solutions we offer for businesses.
Looking for technology products? Dive into our Technology Centre and enhance your tech arsenal today!
Ready to fortify your business connectivity? Ring us at 📞 1300 024 748 or drop a line through our contact form. Your uninterrupted operations are just a call away.