URL has been copied successfully!
20,000 WordPress Sites Compromised by Backdoor Vulnerability Enabling Malicious Admin Access
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

20,000 WordPress Sites Compromised by Backdoor Vulnerability Enabling Malicious Admin Access


Tags: , , , , , , , ,

A critical backdoor vulnerability discovered in the LA-Studio Element Kit for the Elementor plugin poses an immediate threat to more than 20,000 WordPress installations. The vulnerability, tracked as CVE-2026-0920 with a CVSS severity rating of 9.8 (Critical), enables unauthenticated attackers to create administrator accounts and achieve complete site compromise. The function fails to properly restrict […] The post 20,000 WordPress Sites Compromised by Backdoor Vulnerability Enabling Malicious Admin Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/wordpress-sites-3/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. The 2024 cyberwar playbook: Tricks used by nation-state actors
  2. Top 12 ways hackers broke into your systems in 2024
  3. China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
  4. Cisco Firewall and VPN Zero Day Attacks: CVE-2025-20333 and CVE-2025-20362