CVE-2020-26596

Опубликовано: 07 окт. 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Средний

Описание

The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing the Dynamic OOO widget or by restricting availability of the Editor role.

Ссылки

https://elementor.com/pro/changelog/
Release Notes
Vendor Advisory
https://ww2.compunet.cl/dia-cero-en-plugin-de-wordpres-detectada-compunet-redteam/
Exploit
Third Party Advisory
https://elementor.com/pro/changelog/
Release Notes
Vendor Advisory
https://ww2.compunet.cl/dia-cero-en-plugin-de-wordpres-detectada-compunet-redteam/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:elementor:elementor_pro:*:*:*:*:*:wordpress:*:*

Версия до 3.0.5 (включая)

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Версия до 5.5.1 (включая)

EPSS

Процентиль: 95%

0.17466

Средний

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-vwhm-w9wm-r5pj

github

около 3 лет назад