More threat actors targeting vulnerable WordPress Elementor plugin versions

Several versions of the WordPress plugin Essential Addons for Elementor impacted by the now-addressed critical CVE-2023-32243 vulnerability are being actively scanned and targeted by threat actors following the release of proof-of-concept exploit, according to BleepingComputer. Millions of scanning attempts have been conducted to determine the plugin's presence on websites, five million of which were observed the day after the flaw's disclosure, while at least 6,900 exploitation attempts have been averted, a Wordfence report showed. Researchers also found that most probe requests were attributed to the "185.496.220.26" and "185.244.175.65" IP addresses, while most of the blocked attempts were from the IP address "78.128.60.112." Organizations using versions 5.4.0 to 5.7.1 of the plugin have been urged to promptly apply the latest version 5.7.2 that addresses the flaw. "Considering how easily this vulnerability can be successfully exploited, we highly recommend all users of the plugin update ASAP to ensure their site is not compromised by this vulnerability," said Wordfence.