CVE-2023-32243
WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation
Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
WPDeveloper · Essential Addons for Elementorpublic PoCs found — 11
githubgithub.com/RandomRobbieBF/CVE-2023-32243★ 84githubgithub.com/Jenderal92/WP-CVE-2023-32243★ 4githubgithub.com/gbrsh/CVE-2023-32243★ 3githubgithub.com/thatonesecguy/Wordpress-Vulnerability-Identification-Scripts★ 2githubgithub.com/little44n1o/cve-2023-32243★ 1githubgithub.com/dev0558/CVE-2023-32243-Detection-and-Mitigation-in-WordPress★ 0githubgithub.com/manavvedawala2/CVE-2023-32243-POC★ 0githubgithub.com/manavvedawala2/CVE-2023-32243-proof-of-concept★ 0githubgithub.com/YouGina/CVE-2023-32243★ 0githubgithub.com/manavvedawala/CVE-2023-32243-proof-of-concept★ 0cve_referencepacketstormsecurity.com/files/172457/WordPress-Elementor-Lite-5.7.1-Arbitrary-Password-Reset.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/172457/WordPress-Elementor-Lite-5.7.1-Arbitrary-Password-Reset.htmlhttps://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites?_s_id=cvehttps://patchstack.com/database/vulnerability/essential-addons-for-elementor-lite/wordpress-essential-addons-for-elementor-plugin-5-4-0-5-7-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve