Elementor Addons Patch Critical Privilege Escalation Vulnerability

Essential Addons for Elementor, a popular WordPress plugin with over a million active installs, has addressed a critical security vulnerability in version 5.7.2. The vulnerability was discovered on May 8, 2023, by security researcher Rafie Muhammad of Patchstack and received a CVSS 3.1 score of 9.8 (critical). At the time of writing, no exploitation in the wild had been reported.

According to Muhammad's security advisory, the plugin was affected by an unauthenticated privilege escalation vulnerability: an attacker with no account on the site could take over any existing account. The flaw allowed attackers to reset the password of any user as long as they knew the username, which, if that username belonged to an administrator, gave them an administrator login. The root cause was that the plugin's password reset function did not validate the password reset key (the one-time token WordPress generates when a reset is requested and e-mails to the account owner); it simply changed the password of whichever user was named in the request.
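The flaw class described above, shown as an added example that is not the Essential Addons code and not taken from the advisory: a reset handler that trusts the submitted username alone, next to the same handler rewritten around WordPress core's own reset-key validation. The function names, the `$request` array and its keys (`username`, `reset_key`, `new_password`, `confirm_password`) are assumptions made for this illustration; `get_user_by()`, `wp_set_password()`, `check_password_reset_key()`, `reset_password()` and `WP_Error` are real WordPress core functions and classes.

```php
<?php
// Added illustration, not the plugin's code. The request keys and the two
// function names below are assumptions for this example.

// Vulnerable pattern: the handler takes a username and a new password and
// changes the password without ever checking a reset key. Anyone who knows
// a username (which WordPress exposes in many places) can take over that
// account, including an administrator's.
function ea_example_reset_password_vulnerable( array $request ) {
    $user = get_user_by( 'login', sanitize_user( $request['username'] ?? '' ) );
    if ( ! $user ) {
        return new WP_Error( 'invalid_user', 'Unknown user.' );
    }
    // Nothing here proves the caller requested, or owns, this reset.
    wp_set_password( $request['new_password'] ?? '', $user->ID );
    return true;
}

// Hardened pattern: the key that get_password_reset_key() created and that was
// e-mailed to the account owner is required and checked with
// check_password_reset_key(), which binds the key to the login, enforces
// expiry and returns the WP_User only when the key is valid.
function ea_example_reset_password_fixed( array $request ) {
    $login = sanitize_user( $request['username'] ?? '' );
    $key   = sanitize_text_field( $request['reset_key'] ?? '' );
    $pass1 = $request['new_password'] ?? '';
    $pass2 = $request['confirm_password'] ?? '';

    if ( '' === $login || '' === $key ) {
        return new WP_Error( 'missing_key', 'A valid reset key is required.' );
    }

    $user = check_password_reset_key( $key, $login );
    if ( is_wp_error( $user ) ) {
        // Covers expired keys, keys issued for a different login and forged keys.
        return $user;
    }

    if ( '' === $pass1 || $pass1 !== $pass2 ) {
        return new WP_Error( 'password_mismatch', 'Passwords do not match.' );
    }

    // reset_password() hashes and stores the new password via wp_set_password(),
    // which also clears the stored activation key so it cannot be replayed,
    // and then fires the core 'after_password_reset' action.
    reset_password( $user, $pass1 );
    return true;
}
```

The important property of the fixed version is that the username is never trusted on its own: the request must carry a secret that only the mailbox owner could have received, and core verifies that secret against the hashed key stored for exactly that login. Any custom login or reset form that re-implements this flow should route through `check_password_reset_key()` rather than calling `wp_set_password()` directly.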

The plugin's authors released a patch on May 11, 2023, with the following note in the changelog: "Improved: EA Login/Register Form for Security Enhancement. Few minor bug fixes & improvements." The vulnerability affects sites running versions 5.4.0 through 5.7.1 of Essential Addons for Elementor.

Users are strongly advised to update to version 5.7.2 or later immediately. Patchstack has also published a proof of concept for exploiting this vulnerability, which lowers the bar for attackers and makes prompt patching even more important.
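For anyone checking a fleet of sites against the affected range given above (5.4.0 through 5.7.1), here is an added shell helper, not from the advisory or the plugin project. It compares versions component by component rather than as strings, so 5.10.x is correctly treated as newer than 5.7.1. The plugin slug passed to WP-CLI in the usage comment, `essential-addons-for-elementor-lite`, is an assumption; confirm it against your own install.

```sh
#!/bin/sh
# Added example: is a given Essential Addons version inside the affected range?
# Affected range per the advisory: 5.4.0 through 5.7.1 inclusive.

# vercmp A B: prints -1, 0 or 1 as A is lower than, equal to or higher than B,
# comparing dotted numeric components. Missing components count as 0.
vercmp() {
    a="$1"
    b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"
        bi="${b%%.*}"
        if [ "$a" = "$ai" ]; then a=""; else a="${a#*.}"; fi
        if [ "$b" = "$bi" ]; then b=""; else b="${b#*.}"; fi
        ai="${ai:-0}"
        bi="${bi:-0}"
        if [ "$ai" -lt "$bi" ]; then echo -1; return; fi
        if [ "$ai" -gt "$bi" ]; then echo 1; return; fi
    done
    echo 0
}

# ea_is_vulnerable VERSION: exit status 0 if VERSION is in 5.4.0..5.7.1.
ea_is_vulnerable() {
    v="$1"
    [ "$(vercmp "$v" 5.4.0)" -ge 0 ] && [ "$(vercmp "$v" 5.7.1)" -le 0 ]
}

# Constructed sample input standing in for the output of, on each site,
#   wp plugin get essential-addons-for-elementor-lite --field=version   (slug assumed)
for v in 5.3.9 5.4.0 5.6.3 5.7.1 5.7.2 5.10.0; do
    if ea_is_vulnerable "$v"; then
        echo "$v: VULNERABLE, update to 5.7.2 or later"
    else
        echo "$v: not in affected range"
    fi
done
```

Run it once per site, feeding the installed version from WP-CLI or from the plugin's main file header, and act on every line marked VULNERABLE.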

In conclusion, keeping WordPress plugins up to date remains the single most effective defence against vulnerabilities of this kind. Essential Addons for Elementor acted quickly to release a fix; all users should update to the latest version to keep their sites secure.
