Important Security Update!

Ultimate Addons for Elementor - Security Update 1.20.1

Hello!

Here is an important security update we are releasing and request you all to update the Ultimate Addons for Elementor to version 1.20.1 immediately.

What happened?

The team at MalCare pointed out a bug in the plugin after which we worked on it, fixed this vulnerability and released an update in under 7 hours.

Our heartfelt gratitude towards the MalCare team to have helped us identify an issue that we could work on immediately.

The Ultimate Addons for Elementor (UAE) version 1.20.1 is the most secure version you should have on your website right now!

Immediate Action Required!

This is a security update, and it is highly recommended that you update the Ultimate Addons for Elementor to the latest version now!

Not able to update the plugin?

Here’s how you can do it manually –

Fighting Security Vulnerabilities Together!

Security is never an absolute and one-time fix that will work. It is a continuous process and should be managed regularly with regular checks and updates.

While we try our best to keep security issues away, we do not assume that they will never come. We take this up to identify them, debug the cause and release an update as soon as possible.

And, we just did it!

We highly recommend our users to activate their license, so that they do not miss on such update notifications and can update the Ultimate Addons for Elementor with a single click.

Having said this, we assure continuous assistance and commitment to providing quality and stronger security. We are constantly working to make sure our products are secure and reliable.

Have any further questions about this update? Please feel free to get in touch with us or write to us at support[at]bsf[dot]io

7 thoughts on “Important Security Update!”

  1. Did the exploit affect only Facebook & Google login methods or was the default WP user & PW verification also affected?

    What should we be looking for, a tmp.zip file if affected? or something else?

    What IPs should be blacklisted?

    Honestly, for the severity of the exploit more information and research would be appreciated (as well as a link to the MalCare team’s actual post on the topic.)

    Thx!

    1. Hello JR,

      The exploit only affects when you have used the Login Form widget’s Facebook & Google login on your website.

      Here is a detailed article to check if anything is affected on your site – https://www.webarxsecurity.com/critical-vulnerability-in-ultimate-add-ons-elementor/

      Also, here’s the MalCare team’s post you can refer to – https://www.malcare.com/blog/critical-vulnerability-ultimate-addons-wpastra-elementor-beaver-builder/

      Regards,
      Suman

Leave a Comment

Your email address will not be published. Required fields are marked *

Take Your Design Skills To The Next Level!

You are backed by our amazing team and
14 days money back guarantee

Scroll to Top