Posted on December 20, 2019

Critical bug in WordPress Plugins Opens Site to Takeovers

If you are using two popular plugins made by Brainstorm Force, Ultimate Addons for Beaver Builder or Ultimate Addons for Elementor, stop what you are doing now and update your plugins.

A major vulnerability was found a little over a week ago in both of these plugins that could allow hackers to gain administrative access to any website using them. Due to lack of checks in the authentication method when a user login via Facebook or Google, vulnerable plugins can be tricked into allowing malicious users to login as any other targeted user without requiring any password.

The team as Brainstorm Force released the following statement:

“We’ve released an update and have patched the vulnerable code. Users can apply the patch by updating the plugin in one click. Users who have registered their licence key see an update notification in their WordPress dashboard. All they need to do is click update.”

We are seeing this being exploited on accounts that are not subscribed to our Managed WordPress plans and caution all of our clients to update their plugins now with patches that have been released to close this serious security vulnerability.

Leave a Reply

Your email address will not be published. Required fields are marked *

Trusted by Clients Across All Industries

Don’t take our word for it - let our happy clients do the talking. See More

Full Host did an amazing job of migrating my site seamlessly onto their server. My only regret was not switching my site over to them sooner. Now it is performing great, images are uploading way faster than ever before.

" Vancouver Sofa and Patio - Jerry Schmidt

Two thumbs up for Fullhost! Agents reply to me fairly quickly or at least let me know they received the ticket and are looking into it. Kudos to the support team as they have always given me exactly what I need without delays.

" Universal Staffing Inc. - Anthony Calvano

FullHost is an absolute pleasure to work with, and their customer service is exceptional. Whenever I have questions or need adjustments, they are there to help, quickly, efficiently, with answers and insights.

" Mooseworld Inc. Norine Leibel

The Fullhost team was a huge help in getting the website moved over and set up in a way in which we could correct the technical issues. They were quick, helpful and technically knowledgeable.

" Canadian Sport Institute Pacific Noah Wheelock

Our organization Has been working with FullHost for a couple of years now, and we have been thrilled with the service.

" Canadian Centre for International Justice / Philippe Kirsch Institute Pearl Eliadis

Exceptional is the word when it comes to FullHost. I started my own business and in the jungle of applications, licenses and registrations, FullHost had my back.

" Statsmen Matthias Bass

The customer service and support staff that I have dealt with have all been great. The move from my previous host was smooth thanks to the support staff at Full Host who moved my files over.

" Moose Web Design - Michelle Nortje

With coast to coast coverage,
We help you serve the world.

Whether your audience is located in Europe, Asia, Africa, or Australia, provide them with lightening speed!

FullHost's data centers are located in Toronto and Vancouver to ensure worldwide quality and speed.

Get in Touch
We Trust Only The Best Tech to Support You

FullHost operates with the most innovative technology to bring you unparalleled levels of hosting services.