Elementor, which helps design websites through the WordPress system, has announced that it has fixed a vulnerability in its website creation service that posed a major threat to users.
The bug, described as a failed access control condition, affects versions 3.11.6 and earlier. Solved by Elementor Pro experts from version 3.11.7.
The company has said that it is improving the code quality implementation of Woo Commerce components, which are estimated to be used on more than 12 million websites.
Successful exploitation of the vulnerability would allow a WordPress website running Woo Commerce to be compromised.
In addition to the above, this vulnerability exploits multiple IP addresses to upload non-site related PHP files and ZIP files to servers.