WordPress Elementor 3.6.2 Shell Upload
Posted by deepcore on October 5, 2022 – 6:41 am
WordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user supplied zip file. Any user with Subscriber or more permissions is able to execute this.
Post a reply
You must be logged in to post a comment.