CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4690 – Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2023-4690
The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing or incorrect nonce validation on the eae_save_config function. This makes it possible for unauthenticated attackers to change configuration settings for the plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. El complemento Elementor Addon Elements para WordPress es vulnerable a Cross-Site Request Forgery en versiones hasta la 1.12.7 incluida. Esto se debe a una validación nonce faltante o incorrecta en la función eae_save_config. • https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L75 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk&old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=#file15 https://www.wordfence.com/threat-intel/vulnerabilities/id/fd53b4e1-c6b7-4111-911a-04b14c7a9c4e?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4689 – Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2023-4689
The Elementor Addon Elements plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.12.7. This is due to missing or incorrect nonce validation on the eae_save_elements function. This makes it possible for unauthenticated attackers to enable/disable elementor addon elements via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. El complemento Elementor Addon Elements para WordPress es vulnerable a Cross-Site Request Forgery en versiones hasta la 1.12.7 incluida. Esto se debe a una validación nonce faltante o incorrecta en la función eae_save_elements. • https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L46 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk&old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=#file15 https://www.wordfence.com/threat-intel/vulnerabilities/id/472cdbc4-3bfa-4254-b35a-be7ae10782e6?source=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4723 – Elementor Addon Elements <= 1.12.7 - Missing Authorization to Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2023-4723
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.12.7 via the ajax_eae_post_data function. This can allow unauthenticated attackers to extract sensitive data including post/page ids and titles including those of with pending/draft/future/private status. El complemento Elementor Addon Elements para WordPress es vulnerable a la Exposición de Información Confidencial en versiones hasta la 1.12.7 incluida a través de la función ajax_eae_post_data. Esto puede permitir a atacantes no autenticados extraer datos confidenciales, incluidos los ID y títulos de publicaciones/páginas, incluidos aquellos con estado pendiente/borrador/futuro/privado. • https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/classes/helper.php#L20 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk&old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=#file15 https://www.wordfence.com/threat-intel/vulnerabilities/id/89489218-263f-4157-a5cd-a12bc6a0dfe6?source=cve • CWE-862: Missing Authorization •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5381 – Elementor Addon Elements <= 1.12.7 - Authenticated (Administrator+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-5381
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.12.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. El complemento Elementor Addon Elements para WordPress es vulnerable a Cross-Site Scripting Almacenado a través de la configuración de administrador en versiones hasta la 1.12.7 incluida debido a una sanitización de entrada y un escape de salida insuficientes. Esto hace posible que atacantes autenticados, con permisos de nivel de administrador y superiores, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://plugins.trac.wordpress.org/browser/addon-elements-for-elementor-page-builder/trunk/inc/admin/admin-ui.php#L79 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2996185%40addon-elements-for-elementor-page-builder%2Ftrunk&old=2980987%40addon-elements-for-elementor-page-builder%2Ftrunk&sfp_email=&sfph_mail=#file15 https://www.wordfence.com/threat-intel/vulnerabilities/id/bd2bc2e7-960e-40db-9dcc-a6a60117bd83?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 425EXPL: 0CVE-2022-4974 – Freemius SDK <= 2.4.2 - Missing Authorization Checks
https://notcve.org/view.php?id=CVE-2022-4974
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable. • https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=cve https://wpscan.com/vulnerability/6dae6dca-7474-4008-9fe5-4c62b9f12d0a https://freemius.com/blog/managing-security-issues-open-source-freemius-sdk-security-disclosure https://wpdirectory.net/search/01FWPVWA7BC5DYGZHNSZQ9QMN5 https://wpdirectory.net/search/01G02RSGMFS1TPT63FS16RWEYR https://web.archive.org/web/20220225174410/https%3A//www.pluginvulnerabilities.com/2022/02/25/our-security-review-of-wordpress-plugin-found-freemius-li • CWE-862: Missing Authorization •