
CVSS: 6.5  EPSS: 0%  CPEs: 1  EXPL: 1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor.Com Elementor allows Cross-Site Scripting (XSS). This issue affects Elementor: from n/a through 3.16.4.

The Elementor Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the get_inline_svg() function in versions up to, and including, 3.16.4, due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level access and above to inject arbitrary web scripts into pages; the scripts execute whenever a user accesses an injected page. Because the markup is stored and rendered inline rather than served as an image, every visitor to the affected page is hit without any further interaction.

References:
• https://patchstack.com/articles/arbitrary-attachment-render-to-xss-in-elementor-plugin?_s_id=cve
• https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-16-4-cross-site-scripting-xss-vulnerability?_s_id=cve

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1  EPSS: 0%  CPEs: 1  EXPL: 2

The Elementor Website Builder WordPress plugin before 3.5.5 does not filter user-controlled URLs out of what it loads into the DOM. This can be used to inject rogue iframes that point to malicious URLs.

The Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'settings' hash parameter in versions up to, and including, 3.5.4, due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary iframes into pages; the injection takes effect if they can trick a user into performing an action such as clicking on a link. WordPress Elementor plugin versions prior to 3.5.5 suffer from an iframe injection vulnerability. Because the payload travels in the URL fragment, it is never sent to the server, so request logs and server-side filtering do not see it; detection has to happen in the browser or in the links users are being sent.

References:
• https://www.exploit-db.com/exploits/51716
• https://github.com/elementor/elementor/commit/292fc49e0f979bd52d838f0326d1faaebfa59f5e
• https://wpscan.com/vulnerability/8273357e-f9e1-44bc-8082-8faab838eda7

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.2  EPSS: 0%  CPEs: 1  EXPL: 1

The Elementor Website Builder WordPress plugin before 3.12.2 does not properly sanitize and escape the Replace URL parameter in the Tools module before using it in a SQL statement, leading to a SQL injection exploitable by users with the Administrator role.

The Elementor plugin for WordPress is vulnerable to blind SQL Injection via the 'replace_urls' functionality in versions up to, and including, 3.12.1, due to insufficient escaping of the user-supplied 'old' and 'new' parameters and lack of sufficient preparation of the existing SQL query. This makes it possible for authenticated attackers with administrator-level permissions to append additional SQL queries to existing ones, which can be used to extract sensitive information from the database. Elementor Website Builder versions prior to 3.12.2 suffer from a remote SQL injection vulnerability. Note the precondition: the attacker must already hold the Administrator role, which on a standard single-site install is a highly privileged account to begin with.

References:
• http://packetstormsecurity.com/files/175639/Elementor-Website-Builder-SQL-Injection.html
• https://wpscan.com/vulnerability/a875836d-77f4-4306-b275-2b60efff1493

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 6.1  EPSS: 0%  CPEs: 1  EXPL: 7

DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin, versions <= 3.5.5.

The Elementor Website Builder plugin for WordPress is vulnerable to unauthenticated DOM-based Reflected Cross-Site Scripting via the 'videoType' and 'onError' parameters in the lightbox module in versions up to, and including, 3.5.5, due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts into pages; the scripts execute if the attacker can trick a user into performing an action such as clicking on a link.

References:
• https://github.com/akhilkoradiya/CVE-2022-29455
• https://github.com/yaudahbanh/CVE-2022-29455
• https://github.com/0xc4t/CVE-2022-29455
• https://github.com/GULL2100/Wordpress_xss-CVE-2022-29455
• https://github.com/tucommenceapousser/CVE-2022-29455
• https://github.com/tucommenceapousser/CVE-2022-29455-mass
• https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-5-5-unauthenticated-dom-based-reflected-cross-site-scripting-xss-vulnerability
• https://rotem-bar.com/hacking-65-million-websi

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 8.8  EPSS: 96%  CPEs: 1  EXPL: 8

The Elementor Website Builder plugin for WordPress, in versions 3.6.0 to 3.6.2, is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file. This makes it possible for attackers to modify site data and to upload malicious files that can be used to obtain remote code execution.

WordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user-supplied zip file. Any user with Subscriber or higher permissions is able to execute this. Subscriber is the default role WordPress assigns to self-registered accounts, so on sites with open registration the precondition is trivially met; the EPSS score of 96% indicates a very high probability of in-the-wild exploitation.

References:
• https://github.com/mcdulltii/CVE-2022-1329
• https://github.com/AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit
• https://github.com/Grazee/CVE-2022-1329-WordPress-Elementor-RCE
• https://github.com/phanthibichtram12/CVE-2022-1329
• https://github.com/dexit/CVE-2022-1329
• http://packetstormsecurity.com/files/168615/WordPress-Elementor-3.6.2-Shell-Upload.html
• https://plugins.trac.wordpress.org/changeset/2708766/elementor/trunk/core/app/modules/onboarding&#x

CWE-434: Unrestricted Upload of File with Dangerous Type
CWE-862: Missing Authorization