{"id":2198,"date":"2023-05-15T04:35:54","date_gmt":"2023-05-15T02:35:54","guid":{"rendered":"https:\/\/it-news-blog.com\/?p=2198"},"modified":"2023-05-20T05:00:12","modified_gmt":"2023-05-20T03:00:12","slug":"kritische-sicherheitsluecke-in-wordpress-plug-in-essential-addons-for-elementor","status":"publish","type":"post","link":"https:\/\/it-news-blog.com\/?p=2198","title":{"rendered":"Kritische Sicherheitsl\u00fccke in WordPress-Plug-in Essential Addons for Elementor"},"content":{"rendered":"

Eine kritische Sicherheitsl\u00fccke wurde im beliebten und millionenfach installierten WordPress-Plug-in „Essential Addons for Elementor“ entdeckt. Die L\u00fccke erm\u00f6glicht nichtauthentifizierten Angreifern die vollst\u00e4ndige \u00dcbernahme der WordPress-Instanz.<\/strong><\/p>\n

Eine aktualisierte Version des Plug-ins (5.7.2) wurde bereits ver\u00f6ffentlicht, diese sollte m\u00f6glichst schnell installiert werden. Die erkannte L\u00fccke erlaubt es, dass Angreifer Passw\u00f6rter zur\u00fccksetzen und sich als Administrator anmelden k\u00f6nnen. Betroffen sind nach unserem Kenntnisstand die Versionen 5.4.0 bis 5.7.1 des Plug-ins.<\/p>\n

IT-Forscher von Patchstack haben die L\u00fccke gemeldet und das Plug-in wurde innerhalb von drei Tagen aktualisiert.<\/p>\n

Es wird empfohlen, das Update umgehend zu installieren oder das Plug-in nicht mehr zu nutzen, um Angriffe zu verhindern. Bereits im April wurde eine hochriskante Sicherheitsl\u00fccke im WordPress-Plug-in „Elementor Pro“ von Angreifern ausgenutzt, um administrativen Zugang zu WordPress-Websites zu erlangen.<\/p>\n

Matthias A. Walter,<\/strong> http:\/\/www.tec4net.com<\/a><\/p>\n

\n

EDV-Sachverst\u00e4ndiger und Datenschutzauditor<\/p>\n<\/div>\n

\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014-<\/p>\n

Quellen und Links:<\/strong><\/p>\n

Webseite zum Plug-in
\nhttps:\/\/wordpress.org\/plugins\/essential-addons-for-elementor-lite<\/a><\/p>\n

Meldung von Patchstack
\nhttps:\/\/patchstack.com\/articles\/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites<\/a><\/p>\n

tec4net – Datenschutz und IT-Sicherheit praktikabel umsetzen
\n<\/strong>Wir beraten und auditieren DSGVO und BDSG sowie die Normen ISO\/IEC 27001, TISAX und PCI-DSS. <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Eine kritische Sicherheitsl\u00fccke wurde im beliebten und millionenfach installierten Wordpress-Plug-in „Essential Addons for Elementor“ entdeckt. Die L\u00fccke erm\u00f6glicht nichtauthentifizierten Angreifern die vollst\u00e4ndige \u00dcbernahme der Wordpress-Instanz.<\/p>\n","protected":false},"author":2,"featured_media":1680,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[343],"tags":[422,306,423,390,169,69,391,38,421],"yoast_head":"\nKritische Sicherheitsl\u00fccke in Wordpress-Plug-in Essential Addons for Elementor - IT-NEWS-BLOG<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/it-news-blog.com\/?p=2198\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kritische Sicherheitsl\u00fccke in Wordpress-Plug-in Essential Addons for Elementor - IT-NEWS-BLOG\" \/>\n<meta property=\"og:description\" content=\"Eine kritische Sicherheitsl\u00fccke wurde im beliebten und millionenfach installierten Wordpress-Plug-in "Essential Addons for Elementor" entdeckt. Die L\u00fccke erm\u00f6glicht nichtauthentifizierten Angreifern die vollst\u00e4ndige \u00dcbernahme der Wordpress-Instanz.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/it-news-blog.com\/?p=2198\" \/>\n<meta property=\"og:site_name\" content=\"IT-NEWS-BLOG\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-15T02:35:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-20T03:00:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/it-news-blog.com\/wp-content\/uploads\/2012\/05\/310512.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"960\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Matthias Walter\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Matthias Walter\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"1\u00a0Minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/it-news-blog.com\/?p=2198\",\"url\":\"https:\/\/it-news-blog.com\/?p=2198\",\"name\":\"Kritische Sicherheitsl\u00fccke in Wordpress-Plug-in Essential Addons for Elementor - IT-NEWS-BLOG\",\"isPartOf\":{\"@id\":\"https:\/\/it-news-blog.com\/#website\"},\"datePublished\":\"2023-05-15T02:35:54+00:00\",\"dateModified\":\"2023-05-20T03:00:12+00:00\",\"author\":{\"@id\":\"https:\/\/it-news-blog.com\/#\/schema\/person\/e0c100c6b645f34e659beeb06e2295fc\"},\"breadcrumb\":{\"@id\":\"https:\/\/it-news-blog.com\/?p=2198#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/it-news-blog.com\/?p=2198\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/it-news-blog.com\/?p=2198#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/it-news-blog.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kritische Sicherheitsl\u00fccke in WordPress-Plug-in Essential Addons for Elementor\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/it-news-blog.com\/#website\",\"url\":\"https:\/\/it-news-blog.com\/\",\"name\":\"IT-NEWS-BLOG\",\"description\":\"Ein Service der tec4net GmbH\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/it-news-blog.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"de\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/it-news-blog.com\/#\/schema\/person\/e0c100c6b645f34e659beeb06e2295fc\",\"name\":\"Matthias Walter\",\"sameAs\":[\"https:\/\/tec4net.com\"],\"url\":\"https:\/\/it-news-blog.com\/?author=2\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Kritische Sicherheitsl\u00fccke in Wordpress-Plug-in Essential Addons for Elementor - IT-NEWS-BLOG","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/it-news-blog.com\/?p=2198","og_locale":"de_DE","og_type":"article","og_title":"Kritische Sicherheitsl\u00fccke in Wordpress-Plug-in Essential Addons for Elementor - IT-NEWS-BLOG","og_description":"Eine kritische Sicherheitsl\u00fccke wurde im beliebten und millionenfach installierten Wordpress-Plug-in \"Essential Addons for Elementor\" entdeckt. Die L\u00fccke erm\u00f6glicht nichtauthentifizierten Angreifern die vollst\u00e4ndige \u00dcbernahme der Wordpress-Instanz.","og_url":"https:\/\/it-news-blog.com\/?p=2198","og_site_name":"IT-NEWS-BLOG","article_published_time":"2023-05-15T02:35:54+00:00","article_modified_time":"2023-05-20T03:00:12+00:00","og_image":[{"width":960,"height":400,"url":"https:\/\/it-news-blog.com\/wp-content\/uploads\/2012\/05\/310512.jpg","type":"image\/jpeg"}],"author":"Matthias Walter","twitter_card":"summary_large_image","twitter_misc":{"Verfasst von":"Matthias Walter","Gesch\u00e4tzte Lesezeit":"1\u00a0Minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/it-news-blog.com\/?p=2198","url":"https:\/\/it-news-blog.com\/?p=2198","name":"Kritische Sicherheitsl\u00fccke in Wordpress-Plug-in Essential Addons for Elementor - IT-NEWS-BLOG","isPartOf":{"@id":"https:\/\/it-news-blog.com\/#website"},"datePublished":"2023-05-15T02:35:54+00:00","dateModified":"2023-05-20T03:00:12+00:00","author":{"@id":"https:\/\/it-news-blog.com\/#\/schema\/person\/e0c100c6b645f34e659beeb06e2295fc"},"breadcrumb":{"@id":"https:\/\/it-news-blog.com\/?p=2198#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/it-news-blog.com\/?p=2198"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/it-news-blog.com\/?p=2198#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/it-news-blog.com\/"},{"@type":"ListItem","position":2,"name":"Kritische Sicherheitsl\u00fccke in WordPress-Plug-in Essential Addons for Elementor"}]},{"@type":"WebSite","@id":"https:\/\/it-news-blog.com\/#website","url":"https:\/\/it-news-blog.com\/","name":"IT-NEWS-BLOG","description":"Ein Service der tec4net GmbH","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/it-news-blog.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"de"},{"@type":"Person","@id":"https:\/\/it-news-blog.com\/#\/schema\/person\/e0c100c6b645f34e659beeb06e2295fc","name":"Matthias Walter","sameAs":["https:\/\/tec4net.com"],"url":"https:\/\/it-news-blog.com\/?author=2"}]}},"_links":{"self":[{"href":"https:\/\/it-news-blog.com\/index.php?rest_route=\/wp\/v2\/posts\/2198"}],"collection":[{"href":"https:\/\/it-news-blog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/it-news-blog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/it-news-blog.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/it-news-blog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2198"}],"version-history":[{"count":1,"href":"https:\/\/it-news-blog.com\/index.php?rest_route=\/wp\/v2\/posts\/2198\/revisions"}],"predecessor-version":[{"id":2199,"href":"https:\/\/it-news-blog.com\/index.php?rest_route=\/wp\/v2\/posts\/2198\/revisions\/2199"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/it-news-blog.com\/index.php?rest_route=\/wp\/v2\/media\/1680"}],"wp:attachment":[{"href":"https:\/\/it-news-blog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/it-news-blog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/it-news-blog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}