The Plus Addons for Elementor - Most Populars Addon For Elementors

The Plus Addons for Elementor - Most Populars Addon For Elementor v6.3.0

No permission to download
Overview Updates (94) Reviews (8) History Discussion
sibling

sibling

Member
Mar 7, 2021
29
28
18
Elementor facebook group is full of posts about this security issue, seems like a lot of people are affected by it.
 
sibling

sibling

Member
Mar 7, 2021
29
28
18
Still isnt patched! From the Wordfence blog: "Unfortunately, the latest update didn’t fully address the security issues."
 
M.C

M.C

Active member
Jul 11, 2019
288
113
43
I can't figure out how to clean... if I replace the files in the zip will that help anything, any body know
 
MrSam_1

MrSam_1

Well-known member
Administrative
Trusted Seller
Dec 1, 2018
23,650
26,995
120
  • Like
  • Love
Reactions: smalok, tanierlyons and JRGWxRxZ
MrSam_1

MrSam_1

Well-known member
Administrative
Trusted Seller
Dec 1, 2018
23,650
26,995
120
M.C said:
I can't figure out how to clean... if I replace the files in the zip will that help anything, any body know
Click to expand...
If you get infected with a recent vulnerability: What Steps You Should Take
Security of Your Assets Should be Your First Priority. So Here Are Some Symptoms That You’ve Got Hacked, Especially For This Incident :
Security of your site should be the first priority. So here are fairly obvious indications that you've been compromised in some way
1. You’ve Got an Unknown Administrator User in Your User’s List
Check For Any Unknown Admin Users in Your WordPress Site. In-order to Check This, Go to Users -> All Users -> Delete Any Unknown Admin account. We Have Found a Common Email : [email protected]
2. Unknown Plugin is Got Installed in Your Directory
Check for Any Unknown Plugins Installed in Your Repository. To Check This Go to Plugins -> Installed Plugins -> And Make Sure You Have Only Known Plugin Installed, Delete If You Find Any Unwanted Plugin (eg. Wp_staff)
3. You Found Encrypted & Gibrrish URLs in Your Code
These Links Can be Passing Data to Some Remote IP. Clean Your Site Immediately.
4. You Found Encrypted & Gibrrish URLs in Your Code
These Links Can be Passing Data to Some Remote IP. Clean Your Site Immediately.To check this Run a full Site Scanner with Wordfence and find for any informalities in WP-Core Files (Eg. Wp-Config)
And Now These are The Steps You Should Take in Order to Get Secured :
I have mentioned the patched version name
1. Update The Plus Add-ons for Elementor to the Latest Version(4.1.6) Available in Store. If You've not received any Update Notification, Then follow This Guide https://www.facebook.com/theplusad.../posts/2533392430288273 .
2. Update Your Other Plugins, Themes & WordPress Code to the Latest Version Available. (Make sure to take backup before this, If you think that is required based on themes/plugins you are going to update.)
3. Delete any Unnecessary Plugins
4. Take a Full Site Backup Dated Before March 8th, 2021. This is the Time Before Issue Was Uncovered, So There’s No Chance of Hack. Keep It in Some Safe Place like External Hard Drive or Cloud Storage, In-case You Find Issue After a Couple of Days.
Take it one Step Ahead
There Are Lesser Than None Chances That Your Site Might Get Hacked During This Patch Release Cool Down Time. And If You Don’t Have Live Login / Register Functionality, Then This’ll Never Concern You.
Up To now we have seen very few incidents of hacking, chances are very less for your site getting compromised. This new Patch Release will completely fix this and you will be safe from any form of hack attempt.
This Part Takes You Around How Can You Scan & Clean Your Site Using Some Online Tools Available Regardless of This Issue. Here’s is A List of Steps, Tool Suggestion & Security Related Info With Links You Should Follow :
Hope above will help us to keep your sites safe as well as resolve issues you are having due to vulnerabilities.
 
  • Love
  • Like
Reactions: smalok, tanierlyons, M.C and 1 other person
S

SC36

Member
Dec 11, 2019
64
15
8
My site was infected by this. I had an account register on my site as admin while I was asleep. A plugin named 'WP Strong' installed, and after I was able to install and run Anti-Malware Security and Brute-Force Firewall, it had only got to 20% of the scan, and I already had over 3,000 files infected with what Bitdefender caught as JS:Trojan.Cryxos.4095.

I restored to a backup from March 7th, everything is good now. I will not be using ThePlusAddons from this point forward. I did have a legit license for it also.

Be careful everyone.
 
skywatcher

skywatcher

Member
Nov 21, 2019
60
33
18
SC36 said:
My site was infected by this. I had an account register on my site as admin while I was asleep. A plugin named 'WP Strong' installed, and after I was able to install and run Anti-Malware Security and Brute-Force Firewall, it had only got to 20% of the scan, and I already had over 3,000 files infected with what Bitdefender caught as JS:Trojan.Cryxos.4095.

I restored to a backup from March 7th, everything is good now. I will not be using ThePlusAddons from this point forward. I did have a legit license for it also.

Be careful everyone.
Click to expand...
It was happening before my eyes yesterday! Terrible! Luckily backups were ready to restore :)
 
  • Wow
Reactions: SC36
M.C

M.C

Active member
Jul 11, 2019
288
113
43
If your using wordfence, make sure to check each site that the firewall is really enabled, mine says it is but not not showing protection level, I cleaned 15 sites yesterday, & at 6 am it injected code to all index.php files everywhere, all files with an index.php, even if it has leading name before.

And after clean, if the plugin bdthemes element pack causes critical wordpress error, remove & it fixes that.

Attached scrn of wordfence - not sure how to fix this

1615399241920.png
 
  • Like
Reactions: SC36
M.C

M.C

Active member
Jul 11, 2019
288
113
43
M.C said:
If your using wordfence, make sure to check each site that the firewall is really enabled, mine says it is but not not showing protection level, I cleaned 15 sites yesterday, & at 6 am it injected code to all index.php files everywhere, all files with an index.php, even if it has leading name before.

And after clean, if the plugin bdthemes element pack causes critical wordpress error, remove & it fixes that.

Attached scrn of wordfence - not sure how to fix this

1615399241920.png
Click to expand...


Fixed the issue, you must completely drop all tables from db to do clean install of wordfence, looks normal now, fyi...

This hack sucks...
 
  • Like
Reactions: SC36
r3turn_z3r0

r3turn_z3r0

Well-known member
Feb 3, 2020
141
175
50
Paradise
Sad to see how many have been affected by this vuln. I did an audit once while I was selecting the best "Elementor addons pack" plugin to use for all my clients' sites. ElementsKit came out on top. The code quality and attention to security that the Wpmet team put into their plugins is second only to that of WPDeveloper.

The main takeaway from this is to say, don't just randomly select and use plugins because they have a beautiful landing page or catchy marketing phrases. Do your due diligence of auditing (or hiring someone to audit) plugins for common security pitfalls, especially those reiterated in the OWASP Top 10.
 
  • Like
Reactions: Spyders, smalok and SC36
S

SC36

Member
Dec 11, 2019
64
15
8
asja said:
Sad to see how many have been affected by this vuln. I did an audit once while I was selecting the best "Elementor addons pack" plugin to use for all my clients' sites. ElementsKit came out on top. The code quality and attention to security that the Wpmet team put into their plugins is second only to that of WPDeveloper.

The main takeaway from this is to say, don't just randomly select and use plugins because they have a beautiful landing page or catchy marketing phrases. Do your due diligence of auditing (or hiring someone to audit) plugins for common security pitfalls, especially those reiterated in the OWASP Top 10.
Click to expand...

I appreciate the info and suggestion in your comment. Thanks for taking the time to write it. I currently have some Croco Block stuff, Happy Add Ons, I will have to check these out.
 
  • Like
Reactions: r3turn_z3r0
MrSam_1

MrSam_1

Well-known member
Administrative
Trusted Seller
Dec 1, 2018
23,650
26,995
120
  • Like
  • Love
Reactions: tanierlyons, JRGWxRxZ, smalok and 1 other person
You must log in or register to reply here.

Similar threads

tanierlyons
The Plus Addons for WPBakery Page Builder
Replies
20
Views
4K
CodeCanyon
𝐍𝖾ω𝐋ⱺ𝗀𝗂𐓣𝐎𐓣𝐓ɦ𝖾𝐁ᥣⱺ𝗄
𝐍𝖾ω𝐋ⱺ𝗀𝗂𐓣𝐎𐓣𝐓ɦ𝖾𝐁ᥣⱺ𝗄
SRS32
Fancy Product Designer Plus Add-On | WooCommerce WordPress
Replies
2
Views
962
CodeCanyon
sundar50000
sundar50000
TheChameleon
WaveSurfer Plus - MP3 Player module for Gmedia plugin
Replies
2
Views
651
CodeCanyon
TheChameleon
TheChameleon
tanierlyons
Contact Form Plus
Replies
1
Views
527
CodeCanyon
Nameuniecto
Nameuniecto
tanierlyons
PLUS Admin Theme - WordPress White Label Branding Admin Theme
Replies
2
Views
2K
CodeCanyon
Tribunomayor
Tribunomayor

Latest posts

Forum statistics

Threads
69,236
Messages
908,495
Members
237,175
Latest member
Raj7726

Share this page

Share this page

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

Forums Contact us

User Menu

Login
Community platform by XenForo © 2010-2022 XenForo Ltd.
Top Bottom