CVE-2024-23523 – WordPress Elementor Pro plugin <= 3.19.2 - Contributor+ Arbitrary User Meta Data Retrieval vulnerability
https://notcve.org/view.php?id=CVE-2024-23523
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Elementor Pro.This issue affects Elementor Pro: from n/a through 3.19.2. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Elementor Pro. Este problema afecta a Elementor Pro: desde n/a hasta 3.19.2. The Elementor Website Builder Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.19.2 . This makes it possible for authenticated attackers, with contributor-level access and above, to extract arbitrary user meta values. • https://patchstack.com/database/vulnerability/elementor-pro/wordpress-elementor-pro-plugin-3-19-2-contributor-arbitrary-user-meta-data-retrieval-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-35050 – WordPress Elementor Pro plugin <= 3.13.0 - Auth. Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-35050
Missing Authorization vulnerability in Elementor Elementor Pro.This issue affects Elementor Pro: from n/a through 3.13.0. Vulnerabilidad de autorización faltante en Elementor Elementor Pro. Este problema afecta a Elementor Pro: desde n/a hasta 3.13.0. The Elementor Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on several functions in versions up to, and including, 3.13.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions like modifying screenshots, • https://patchstack.com/database/vulnerability/elementor-pro/wordpress-elementor-pro-plugin-3-13-0-subscriber-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVE-2023-3124 – Elementor Pro <= 3.11.6 - Authenticated(Subscriber+) Privilege Escalation via update_page_option
https://notcve.org/view.php?id=CVE-2023-3124
The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_page_option function in versions up to, and including, 3.11.6. This makes it possible for authenticated attackers with subscriber-level capabilities to update arbitrary site options, which can lead to privilege escalation. El plugin Elementor Pro para WordPress es vulnerable a la modificación no autorizada de datos debido a una falta de comprobación en la función "update_page_option" en versiones hasta la 3.11.6 inclusive. Esto hace posible que atacantes autenticados con capacidades a nivel de suscriptor actualicen opciones del sitio arbitrarias, lo que puede llevar a una escalada de privilegios. • https://github.com/AmirWhiteHat/CVE-2023-3124 https://blog.nintechnet.com/high-severity-vulnerability-fixed-in-wordpress-elementor-pro-plugin https://www.wordfence.com/threat-intel/vulnerabilities/id/570474f2-c118-45e1-a237-c70b849b2d3c?source=cve • CWE-862: Missing Authorization •
CVE-2020-26596 – Elementor Pro <= 3.0.5 - Authenticated Remote Code Execution in Dynamic OOO Widget
https://notcve.org/view.php?id=CVE-2020-26596
The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable PHP code via the PHP Raw snippet. NOTE: this issue can be mitigated by removing the Dynamic OOO widget or by restricting availability of the Editor role. El widget Dynamic OOO para el plugin Elementor Pro versiones hasta 3.0.5 para WordPress, permite a usuarios autenticados remotos ejecutar código arbitrario porque solo se necesita el rol Editor para cargar código PHP ejecutable por medio del fragmento PHP Raw. NOTA: este problema se puede mitigar eliminando el widget Dynamic OOO o restringiendo la disponibilidad del rol Editor • https://elementor.com/pro/changelog https://ww2.compunet.cl/dia-cero-en-plugin-de-wordpres-detectada-compunet-redteam • CWE-269: Improper Privilege Management •