CVE-2020-13864 – Elementor Website Builder <= 2.9.8 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-13864
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links. El plugin Elementor Page Builder versiones anteriores a 2.9.9 para WordPress, sufre de una vulnerabilidad de tipo XSS almacenado. Un usuario autor puede crear publicaciones que resulten en un ataque de tipo XSS almacenado mediante el uso de una carga útil diseñada en enlaces personalizados The Elementor Website Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links. • https://www.softwaresecured.com/elementor-page-builder-stored-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-13865 – Elementor Website Builder <= 2.9.8 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-13865
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes. El plugin Elementor Page Builder versiones anteriores a 2.9.9 para WordPress, sufre de múltiples vulnerabilidades de tipo XSS almacenado. Un usuario autor puede crear publicaciones que resulten en vulnerabilidades de tipo XSS almacenado, mediante el uso de un enlace diseñado en la URL personalizada o mediante la aplicación de atributos personalizados The Elementor Website Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes. • https://www.softwaresecured.com/elementor-page-builder-stored-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-13126 – Elementor Pro <= 2.9.3 - Authenticated (Subscriber+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2020-13126
An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin is unaffected. Se detectó un problema en el plugin Elementor Pro versiones anteriores a 2.9.4 para WordPress, como se explotó "in the wild" en Mayo de 2020, en conjunto con CVE-2020-13125. Un atacante con el rol Subscriber puede cargar archivos ejecutables arbitrarios para lograr una ejecución de código remota. • https://wpvulndb.com/vulnerabilities/10214 https://www.wordfence.com/blog/2020/05/combined-attack-on-elementor-pro-and-ultimate-addons-for-elementor-puts-1-million-sites-at-risk • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2020-20406 – Elementor Website Builder <= 2.9.2 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-20406
A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes. Se presenta una vulnerabilidad de tipo XSS almacenado en la función Afectada de control de Custom Link Attributes en Elementor Page Builder versiones 2.9.2 y anteriores. Es debido a un filtrado inadecuado de los atributos personalizados del enlace • https://wordpress.org/plugins/elementor/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-7055 – Elementor Website Builder <= 2.7.4 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2020-7055
An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive. Se descubrió un problema en Elementor versión 2.7.4. Una carga de archivos arbitraria es posible en la función Elementor Import Templates, lo que permite a un atacante ejecutar código por medio de un archivo ZIP especialmente diseñado. The Elementor Website Builder plugin for WordPress is vulnerable to arbitrary file upload by subscriber level users and above due to missing authorization on the Import Templates function, which makes it possible for attackers to gain remote code execution. • https://pentest.co.uk/labs/advisory/cve-2020-7055 https://pentest.co.uk/labs/vulnerability-disclosure-cve-2020-7055 • CWE-434: Unrestricted Upload of File with Dangerous Type CWE-862: Missing Authorization •