#VU62506 Improper access control in Elementor Page Builder
Vulnerability identifier: #VU62506
Vulnerability risk: High
CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-284
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
Elementor Page Builder
Web applications /
Modules and components for CMS
Vendor: Elementor.com
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to missing capability check in the "/core/app/modules/onboarding/module.php" script when processing AJAX calls. A remote non-authenticated attacker can bypass implemented security restrictions and modify website data or upload malicious files to the server.
Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Elementor Page Builder: 3.6.0 - 3.6.2
External links
http://plugins.trac.wordpress.org/changeset/2708766/elementor/trunk/core/app/modules/onboarding/module.php
http://www.wordfence.com/blog/2022/04/elementor-critical-remote-code-execution-vulnerability/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
