“Essential Addons for Elementor,” one of the most popular Elementor plugins for WordPress, was found to be vulnerable to an unauthenticated privilege escalation that could give remote attackers administrator privileges on the website.
More than a million WordPress sites use the ‘Elementor’ page builder, for which the Essential Addons for Elementor collection provides 90 extensions.
The vulnerability, tracked as CVE-2023-32243 and found by PatchStack on May 8, 2023, is an unauthenticated privilege escalation that affects versions 5.4.0 through 5.7.1 of the plugin.
The serious effects of this defect include unauthorized access to sensitive information, website defacement or deletion, virus distribution to users, and damage to the brand, such as loss of confidence and issues with legal compliance.
Exploiting CVE-2023-32243 does not require remote attackers to log in, but they do need to know a username on the system in order to perform a fraudulent password reset.
As stated in PatchStack’s report, the attacker must enter a random value in the POST ‘widget_id’ and ‘page_id’ arguments to prevent the plugin from producing an error message that would lead the website administrator to suspect something.
To validate the password reset request, the attacker must additionally supply the right nonce value in the ‘eael-resetpassword-nonce’ parameter, and set the new password in the ‘eael-pass1’ and ‘eael-pass2’ parameters.
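For defenders, the details above give two checks: whether an installed version falls in the affected range, and which logged POST requests carry the plugin's reset fields. The Python below is an added example, not code from PatchStack or the plugin; the record layout (`ip`, `method`, `body`) and the function names are assumptions, and the sample records are constructed.

```python
from urllib.parse import parse_qs

# Parameter names as given in the article's description of the reset request.
RESET_KEYS = {"eael-resetpassword-nonce", "eael-pass1", "eael-pass2"}
CONTEXT_KEYS = {"page_id", "widget_id"}
AFFECTED = ((5, 4, 0), (5, 7, 1))  # inclusive range stated in the article


def is_affected(version: str) -> bool:
    """True if a dotted plugin version falls in the affected range."""
    parts = tuple(int(p) for p in version.strip().split(".")[:3])
    parts += (0,) * (3 - len(parts))  # treat "5.4" as 5.4.0
    return AFFECTED[0] <= parts <= AFFECTED[1]


def flag_reset_posts(records):
    """Return a finding for each POST whose body carries all reset fields.

    Each record is a dict with 'ip', 'method' and 'body' (raw urlencoded
    form data): an assumed shape for a WAF or audit-log export.
    """
    hits = []
    for rec in records:
        if rec.get("method", "").upper() != "POST":
            continue
        fields = parse_qs(rec.get("body", ""), keep_blank_values=True)
        if not RESET_KEYS.issubset(fields):
            continue
        hits.append({
            "ip": rec["ip"],
            "has_context_ids": CONTEXT_KEYS.issubset(fields),
            "passwords_match": fields["eael-pass1"] == fields["eael-pass2"],
        })
    return hits


# Constructed sample records (not real traffic); values are placeholders.
SAMPLE = [
    {"ip": "192.0.2.10", "method": "POST",
     "body": "page_id=1&widget_id=2&eael-resetpassword-nonce=PLACEHOLDER"
             "&eael-pass1=x&eael-pass2=x"},
    {"ip": "192.0.2.11", "method": "POST", "body": "log=alice&pwd=secret"},
    {"ip": "192.0.2.12", "method": "GET", "body": ""},
]

if __name__ == "__main__":
    print(is_affected("5.7.1"), flag_reset_posts(SAMPLE))
```

Legitimate resets submitted through the plugin's form match too, so treat hits as candidates for review on sites that ran an affected version.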