CVE-2022-4102 – Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Deletion
https://notcve.org/view.php?id=CVE-2022-4102
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF checks when deleting a template and does not ensure that the post to be deleted is a template. This could allow any authenticated user, such as a subscriber, to delete arbitrary posts, assuming they know the related slug.
The Royal Elementor Addons plugin for WordPress is vulnerable to authorization bypass due to a missing capability check during template deletion in the function wpr_create_template in versions up to, and including, 1.3.55.
• https://wpscan.com/vulnerability/c177f763-0bb5-4734-ba2e-7ba816578937
• CWE-352: Cross-Site Request Forgery (CSRF)
• CWE-862: Missing Authorization
CVE-2022-47150 – Appsero <= 1.2.0 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2022-47150
The Appsero analytics tool used in several plugins is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the uninstall_reason_submission function used for feedback submission in versions up to, and including, 1.2.0. This makes it possible for unauthenticated attackers to invoke this function, which is intended for administrator use, via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.
• CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2022-29455 – WordPress Elementor plugin <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2022-29455
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
The Elementor Website Builder plugin for WordPress is vulnerable to Unauthenticated DOM-based Reflected Cross-Site Scripting via the 'videoType' and 'onError' parameters in the lightbox module in versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• https://github.com/akhilkoradiya/CVE-2022-29455
• https://github.com/yaudahbanh/CVE-2022-29455
• https://github.com/0xc4t/CVE-2022-29455
• https://github.com/GULL2100/Wordpress_xss-CVE-2022-29455
• https://github.com/tucommenceapousser/CVE-2022-29455
• https://github.com/tucommenceapousser/CVE-2022-29455-mass
• https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-5-5-unauthenticated-dom-based-reflected-cross-site-scripting-xss-vulnerability
• https://rotem-bar.com/hacking-65-million-websi
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-1329 – Elementor Website Builder 3.6.0 - 3.6.2 - Missing Authorization to Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-1329
The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file, which makes it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.
WordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user-supplied zip file. Any user with Subscriber or more permissions is able to execute this.
• https://github.com/mcdulltii/CVE-2022-1329
• https://github.com/AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit
• https://github.com/Grazee/CVE-2022-1329-WordPress-Elementor-RCE
• https://github.com/phanthibichtram12/CVE-2022-1329
• https://github.com/dexit/CVE-2022-1329
• http://packetstormsecurity.com/files/168615/WordPress-Elementor-3.6.2-Shell-Upload.html
• https://plugins.trac.wordpress.org/changeset/2708766/elementor/trunk/core/app/modules/onboarding
• CWE-434: Unrestricted Upload of File with Dangerous Type
• CWE-862: Missing Authorization
CVE-2021-24891 – Elementor < 3.4.8 - DOM Cross-Site-Scripting
https://notcve.org/view.php?id=CVE-2021-24891
The Elementor Website Builder WordPress plugin before 3.4.8 does not sanitise or escape user input appended to the DOM via a malicious hash, resulting in a DOM Cross-Site Scripting issue.
The Elementor Website Builder plugin for WordPress is vulnerable to DOM-based Cross-Site Scripting via the '#elementor-action:action=lightbox&settings=' DOM in versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
• https://wpscan.com/vulnerability/fbed0daa-007d-4f91-8d87-4bca7781de2d
• https://www.jbelamor.com/xss-elementor-lightox.html
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')