// For flags

CVE-2022-1329

Elementor Website Builder 3.6.0 - 3.6.2 - Missing Authorization to Remote Code Execution

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

8
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.

El plugin Elementor Website Builder para WordPress es vulnerable a una ejecución no autorizada de varias acciones AJAX debido a una falta de una comprobación de capacidad en el archivo ~/core/app/modules/onboarding/module.php que hace posible que atacantes modifiquen los datos del sitio además de cargar archivos maliciosos que pueden usarse para obtener una ejecución de código remota, en las versiones 3.6.0 a 3.6.2

WordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user supplied zip file. Any user with Subscriber or more permissions is able to execute this.

*Credits: Ramuel Gall, Wordfence
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-04-12 CVE Reserved
  • 2022-04-13 CVE Published
  • 2022-04-17 First Exploit
  • 2024-08-03 CVE Updated
  • 2024-11-23 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-434: Unrestricted Upload of File with Dangerous Type
  • CWE-862: Missing Authorization
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Elementor
Search vendor "Elementor"
 Website Builder
Search vendor "Elementor" for product "Website Builder"
 >= 3.6.0 <= 3.6.2
Search vendor "Elementor" for product "Website Builder" and version " >= 3.6.0 <= 3.6.2"
wordpress
Affected