NewsTech

vulnerabilities found in Essential Addons for Elementor WordPress plugin

Essential Addons for Elementor WordPress Plugin Allows Privilege Escalation (CVE-2023-32243)

A common WordPress plugin called Essential Addons for Elementor has a security flaw, identified as CVE-2023-32243, that might let hackers take control of vulnerable websites as the administrator.

Thank you for reading this post, don't forget to share!

Administrators may enhance their Elementor page-building experience with more than 90 imaginative features and extensions thanks to the plugin, which has more than a million active installs.

watch this video detail info


 

How Does the CVE-2023-32243 Vulnerability Affect WordPress Sites?

The password reset feature of the Essential Addons for Elementor plugin contains a vulnerability, CVE-2023-32243 (CVSS score: 9.8, Critical), which PatchStack researchers have found potentially enable privilege escalation for an unauthenticated attacker.

Affected versions range from 5.4.0 to 5.7.1 due to CVE-2023-32243.

The password reset function does not validate a password reset key, which leads to the CVE-2023-32243 issue. Instead, it immediately modifies the user’s password. This indicates that, without requiring authentication, any user on the vulnerable WordPress site can elevate their privileges to those of any other user.

Exploitation of the CVE-2023-32243 Vulnerability

The password reset key’s validity is not correctly verified by the code used to reset user passwords. As long as they knew the user’s username, a remote attacker might take advantage of the flaw to reset the password for any existing user on the system.

The attacker would first need to set a random value in the $_POST[‘widget_id’] and $_POST[‘page_id’] variables in order to exploit the flaw. This will stop an error message from being displayed by the code.

To confirm the legitimacy of the request, the attacker would then need to set the $_POST[‘eael-resetpassword-nonce’] property.

The password reset key’s validity is not correctly verified by the code used to reset user passwords. As long as they knew the user’s username, a remote attacker might take advantage of the flaw to reset the password for any existing user on the system.

The attacker would first need to set a random value in the $_POST[‘widget_id’] and $_POST[‘page_id’] variables in order to exploit the flaw. This will stop an error message from being displayed by the code.

To confirm the legitimacy of the request, the attacker would then need to set the $_POST[‘eael-resetpassword-nonce’] property.

Attackers can take control of the website and use it for evil purposes like spreading malware or diverting traffic if this vulnerability is exploited.Patch Available for CVE-2023-32243

The vendor has updated the plugin to version 5.7.2, which was released on May 11, 2023, to address the CVE-2023-32243 vulnerability. Users of Essential Addons for Elementor are urged to update as soon as possible to the most recent version of the plugin in order to shield their WordPress websites from the security flaw.

Related Articles

Back to top button

Adblock detected

PLEASE TURN OFF YOUR ADBLOCKER