Summary
The popular WordPress plugin “Essential Addons for Elementor” by WPDeveloper was found to contain a vulnerability that could allow remote attackers to escalate privileges to administrator on the site. The plugin has more than a million active installations, and the vulnerability affects versions 5.4.0 to 5.7.1.
Description & Consequence
The vulnerability, CVE-2023-32243, allows the password of any given user to be changed. It occurs because the password reset function does not validate a password reset key and instead directly changes the password of the given user. As long as the attacker knows the username associated with an account, they can change its password, even if that account is an administrator. The attack therefore requires that the attacker know a username on the targeted site.
An attacker who succeeds gains administrative access to the compromised site, which could lead to any of the following:
- Website defacement
- Malware distribution to visitors
- Website deletion
- Unauthorized access to sensitive information
- Reputational damage
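The missing reset-key check described above, as an added example: a language-neutral Python model that puts a reset handler with no key validation beside a hardened one. It is not the plugin's code; the in-memory user store, the function names and the one-hour key lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

RESET_TTL = 3600  # assumed key lifetime in seconds

# Constructed in-memory user store (model only: a real site stores a
# salted password hash, never the password itself).
USERS = {"admin": {"password": "old-secret", "reset": None}}

def issue_reset_key(login, now=None):
    """Create a one-time key; keep only its hash and the issue time."""
    now = time.time() if now is None else now
    key = secrets.token_urlsafe(32)
    USERS[login]["reset"] = (hashlib.sha256(key.encode()).hexdigest(), now)
    return key  # delivered out of band, e.g. e-mailed to the account owner

def reset_password_vulnerable(login, new_password):
    """The flaw class: the username alone authorises the change."""
    user = USERS.get(login)
    if user is None:
        return False
    user["password"] = new_password
    return True

def reset_password_hardened(login, key, new_password, now=None):
    """Change the password only for a matching, unexpired, unused key."""
    now = time.time() if now is None else now
    user = USERS.get(login)
    if user is None or user["reset"] is None or not key:
        return False  # no reset was requested, or no key supplied
    stored_hash, issued_at = user["reset"]
    supplied_hash = hashlib.sha256(key.encode()).hexdigest()
    if not hmac.compare_digest(stored_hash, supplied_hash):
        return False  # constant-time comparison of the key hashes
    if now - issued_at > RESET_TTL:
        user["reset"] = None  # expired keys are discarded
        return False
    user["password"] = new_password
    user["reset"] = None  # single use: the key cannot be replayed
    return True
```

The hardened handler rejects a request when no reset was ever issued for the account, which is the condition the vulnerable handler never tests.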
Solution
All users of the plugin are advised to upgrade to the latest version as soon as possible. Update Essential Addons for Elementor to version 5.7.2 or higher.