CVE-2022-1329

Published: 19 Apr 2022
Source: nvd
CVSS3: 8.8
CVSS2: 6.5
EPSS: Critical

Description

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that makes it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.

Vulnerable configurations

Configuration 1
cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:*
Versions from 3.6.0 (inclusive) to 3.6.2 (inclusive)

EPSS

Percentile: 100%
0.93475
Critical

8.8 High

CVSS3

6.5 Medium

CVSS2

Weaknesses

CWE-434
CWE-862

Related vulnerabilities

CVSS3: 8.8
github
almost 4 years ago

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that makes it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.
