Elementor Plugin Bug Puts 1 Million WordPress Sites at Risk of Account Hijacking

A recently disclosed bug in Essential Addons for Elementor, a popular WordPress plugin, left up to one million websites open to account hijacking. An attacker who knows a target's username can reset that user's password and take over the account, administrator accounts included, and from there reach anything the site holds.

Essential Addons for Elementor is widely used by WordPress site owners to extend the Elementor page builder with extra widgets and features. The bug lets attackers bypass the plugin's password-reset check and gain unauthorized access to user accounts.

The vendor has released a patch. Everyone running the plugin should update to the patched version as soon as possible and review the site's other security controls.

A vulnerability has been found in “Essential Addons for Elementor,” one of the most popular add-on plugins for WordPress’s Elementor page builder. The flaw, discovered by security firm Patchstack on May 8th, 2023, lets an unauthenticated remote attacker reset any user's password and thereby obtain administrator privileges on the site.

“Essential Addons for Elementor” is a library of 90 extensions used by over one million WordPress sites. The vulnerability, tracked as CVE-2023-32243, affects versions 5.4.0 through 5.7.1 and lies in the plugin’s password reset functionality.

Site owners running an affected version should update immediately; the fix ships in version 5.7.2.

According to Patchstack's advisory, CVE-2023-32243 allows an unauthenticated attacker to reset the password of any user, including administrators, because the plugin never validates a password reset key.

(Un)conditional password reset

An attacker who takes over an administrator account this way can read private data, deface or delete the site, serve malware to its visitors, and expose the operator to reputational and legal-compliance damage.

Although attackers do not need to be authenticated, they do need to know the username of the targeted account. The attacker sets any value in the POST ‘page_id’ and ‘widget_id’ inputs, supplies a valid nonce in ‘eael-resetpassword-nonce,’ and puts the new password in both ‘eael-pass1’ and ‘eael-pass2’ so that the request passes the plugin's own checks.

That nonce is no obstacle: the plugin's load_common_asset function places it in $this->localize_objects, which is emitted into the site's main front-end page, so any visitor can read it from the page source. A nonce guards against cross-site request forgery; it does not prove that the requester owns the account whose password is being reset.

If ‘rp_login’ holds a valid username, the plugin changes that user's password to the supplied one, handing the attacker control of the account. Nothing in the request ties it to the reset link that WordPress would normally email to the account owner, which is exactly what a reset key is meant to do.

Image: Part of the PHP that triggers the password reset (Patchstack)

According to Patchstack, patching the vulnerability in “Essential Addons for Elementor” was straightforward. The vendor added a check that a password reset key is present in the request and that it is valid for the named user, the same proof of mailbox ownership that WordPress core's own reset flow demands, before any password is changed.
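The following PHP is an added illustration written for this page; it is a reconstruction of the reset handler as the article describes it, not the plugin's own code. The request field names (page_id, widget_id, eael-resetpassword-nonce, eael-pass1, eael-pass2, rp_login) are the ones the text lists; the function names, the rp_key field, the error strings and the split into a shared helper are assumptions. It shows the pre-5.7.2 logic from the previous section beside the 5.7.2-style fix described here, and it assumes it runs inside WordPress, where wp_verify_nonce(), get_user_by(), check_password_reset_key() and reset_password() exist.

```php
<?php
/**
 * Reconstruction of the Essential Addons for Elementor password-reset
 * handler as the article describes it. NOT the plugin's own code: field
 * names come from the article, everything else is assumed for illustration.
 */

/**
 * Checks shared by both variants: the two ids, the nonce and the password
 * confirmation. Returns null on success or a WP_Error. None of these
 * checks proves that the requester owns the account named in rp_login.
 */
function eael_example_common_checks( array $post ) {
	// Any non-empty value satisfies these two checks.
	if ( empty( $post['page_id'] ) || empty( $post['widget_id'] ) ) {
		return new WP_Error( 'eael_missing_ids', 'Page id or widget id missing.' );
	}

	// CSRF token only. It is localized into every front-end page, so an
	// unauthenticated attacker can read it from the site's HTML.
	$nonce = isset( $post['eael-resetpassword-nonce'] ) ? (string) $post['eael-resetpassword-nonce'] : '';
	if ( ! wp_verify_nonce( $nonce, 'eael-resetpassword-nonce' ) ) {
		return new WP_Error( 'eael_bad_nonce', 'Security check failed.' );
	}

	$pass1 = isset( $post['eael-pass1'] ) ? (string) $post['eael-pass1'] : '';
	$pass2 = isset( $post['eael-pass2'] ) ? (string) $post['eael-pass2'] : '';
	if ( '' === $pass1 || $pass1 !== $pass2 ) {
		return new WP_Error( 'eael_pass_mismatch', 'The passwords do not match.' );
	}
	return null;
}

/**
 * Pre-5.7.2 logic as described: after the common checks, the password of
 * whatever username is in rp_login is replaced. No reset key is consulted.
 */
function eael_example_reset_vulnerable( array $post ) {
	$err = eael_example_common_checks( $post );
	if ( $err ) {
		return $err;
	}
	$login = isset( $post['rp_login'] ) ? sanitize_user( wp_unslash( $post['rp_login'] ) ) : '';
	$user  = get_user_by( 'login', $login );
	if ( ! $user ) {
		return new WP_Error( 'eael_no_user', 'Unknown user.' );
	}
	// Knowing a username such as "admin" is enough: the attacker's
	// eael-pass1 becomes that account's new password.
	reset_password( $user, (string) $post['eael-pass1'] );
	return true;
}

/**
 * Hardened logic: the requester must also present the reset key that
 * WordPress emailed to the account owner. check_password_reset_key()
 * compares the key against the stored hash for that login and enforces
 * its expiry, returning a WP_User on success or a WP_Error otherwise.
 */
function eael_example_reset_fixed( array $post ) {
	$err = eael_example_common_checks( $post );
	if ( $err ) {
		return $err;
	}
	$login = isset( $post['rp_login'] ) ? sanitize_user( wp_unslash( $post['rp_login'] ) ) : '';
	$key   = isset( $post['rp_key'] ) ? sanitize_text_field( wp_unslash( $post['rp_key'] ) ) : '';
	if ( '' === $key ) {
		return new WP_Error( 'eael_missing_key', 'Reset key missing.' );
	}
	$user = check_password_reset_key( $key, $login );
	if ( is_wp_error( $user ) ) {
		// 'invalid_key' or 'expired_key': the request did not originate
		// from the emailed reset link, so nothing is changed.
		return $user;
	}
	reset_password( $user, (string) $post['eael-pass1'] );
	return true;
}
```

Both functions take the request array as a parameter rather than reading $_POST directly so the two control flows can be compared in isolation; a real handler would be hooked to a WordPress action and would pass $_POST in. When auditing a site, the check that matters is the same one shown in the fixed variant: the reset path must call check_password_reset_key() (or an equivalent that binds the request to the emailed key) before reset_password(), and a plugin version of 5.7.2 or later is the quickest sign that it does.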

The patch is included in Essential Addons for Elementor version 5.7.2, released today. Users of the plugin should update immediately; an attacker needs only a username and a publicly readable nonce to exploit an unpatched site.

Conclusion

The popular WordPress plugin “Essential Addons for Elementor” was found to be vulnerable to an unauthenticated privilege escalation attack that could allow attackers to take control of targeted accounts on over one million WordPress sites. The vulnerability, tracked as CVE-2023-32243, could lead to unauthorized access to private information, website defacement or deletion, malware distribution to visitors, and legal-compliance problems. The vendor addressed the issue quickly and released a fix in version 5.7.2, which users should install as soon as possible. Keeping WordPress and its plugins current, and watching for advisories like this one, remains the most effective defence.

Author: Philipe, Pquko Softwares and Technologies OPC Private Limited / Urbanfilters Private Limited
