Multiple vulnerabilities

  • I really liked the plugin up until a few days ago. All the sites I manage got infected with malware and I had to spent hours to clean up the sites. Not happy at all.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Pial

    (@iapial)

    Dear @ana2788

    We deeply apologize for the inconvenience and breach of trust caused by the recent security vulnerability in Essential Addons for Elementor. We fully understand the frustration and concern this issue has caused you, and we take it very seriously.

    Please note that, Upon being informed about the vulnerability on 8th May 2023, we immediately initiated our response plan. Our development team worked tirelessly to develop and thoroughly test a patch, and Essential Addons for Elementor version 5.7.2 was released on 11th May 2023. This version addresses the reported vulnerabilities and implements enhanced security measures.

    We would like to assure you that we have taken additional steps to address the situation. We have reached out to the WordPress plugin support team and successfully pushed an automatic vulnerability update for sites with the vulnerable version of Essential Addons. This update helped ensure that Vulnerable websites are protected against the identified security issue.

    We sincerely apologize for the impact the security vulnerability has had on your websites and the subsequent burden it placed on you. We deeply regret any inconvenience caused during this unfortunate situation.

    Your trust and satisfaction are of utmost importance to us. Our team is committed to resolving any issue and ensuring the security and reliability of our plugin moving forward.

    If you require any further assistance or if there’s anything else we can do to support you, please do not hesitate to reach out. We are here to help and address any concerns you may have.

    Note: Please Ensure that you are using the latest versions of all plugins installed on your websites, especially Essential Addons for Elementor. Our most recent update,Essential Addons for Elementor version 5.7.3 includes security enhancements and fixes for vulnerabilities.

    Thank you for your patience and cooperation. We value your feedback, and we will continue working diligently to provide you with a better experience.

    Hi,
    Is it target specific widgets (can you provide) or whole plugin ? So, we can decide to manage risk for each site.

    Plugin Support Pial

    (@iapial)

    Hello @palagornp

    Hope you are doing well. Regarding your inquiry, I would like to clarify that the security issue we addressed was not specific to any particular widget within the Essential Addons plugin. It was related to a method that was being externally requested via curl(). We have taken all the necessary steps to address this issue and have made internal changes to ensure its resolution.

    To mitigate any risks and ensure the security of your websites, we strongly recommend that you update to the latest versions of all plugins installed, particularly Essential Addons for Elementor. The most recent update, Essential Addons for Elementor version 5.7.3, and Essential Addons for Elementor PRO version 5.4.10, include essential security enhancements and fixes for vulnerabilities.

    By keeping all your plugins up to date, including Essential Addons, you can enhance the overall security and stability of your websites. If you have any further questions or concerns, please feel free to reach out to our support team. We are here to assist you.

    Thank you for your understanding and cooperation. We value your trust in our products and strive to provide the best possible solutions to ensure a secure and seamless experience for you.

    Best regards,
    Pial

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Multiple vulnerabilities’ is closed to new replies.