Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2022-1329Unrestricted File Upload in Website Builder

CWE-434Unrestricted File UploadCWE-862Missing Authorization5 documents5 sources
Severity
8.8HIGHNVD
EPSS
93.4%
top 0.18%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Elementor Website BuilderElemntor Elementor Website Builder
Timeline
PublishedApr 19
Latest updateApr 20

Description

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDelementor/website_builder3.6.03.6.2
CVEListV5elemntor/elementor_website_builder3.6.0, 3.6.1, 3.6.2+2

Patches

Patch: plugins.trac.wordpress.orgPatch: plugins.trac.wordpress.org

🔴Vulnerability Details

3
GHSA
GHSA-87w4-xwrv-8vj5: The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check i2022-04-20
CVEList
Elementor Website Builder 3.6.0 - 3.6.2 - Missing Authorization to Remote Code Execution2022-04-19
VulnCheck
elementor Website Builder Unrestricted Upload of File with Dangerous Type2022

💥Exploits & PoCs

1
Nuclei
Elementor Website Builder - Remote Code Execution
CVE-2022-1329 — Unrestricted File Upload | cvebase