
WordPress Elementor plugin bug let attackers hijack accounts on 1M sites
2023-05-11 16:59

Essential Addons for Elementor is a library of 90 extensions for the 'Elementor' page builder, used by over one million WordPress sites.

The flaw, which Patchstack discovered on May 8, 2023, is tracked as CVE-2023-32243. It is an unauthenticated privilege escalation vulnerability in the plugin's password reset functionality and affects versions 5.4.0 through 5.7.1.

"This vulnerability occurs because this password reset function does not validate a password reset key and instead directly changes the password of the given user," Patchstack explains.

Remote attackers do not need to authenticate to exploit CVE-2023-32243, but they must know a valid username on the target site in order to aim the malicious password reset at that account.

The request must also carry a valid nonce in the 'eael-resetpassword-nonce' parameter, with the new password supplied in the matching 'eael-pass1' and 'eael-pass2' parameters. Note that a WordPress nonce is only a CSRF check: WordPress hands nonces to logged-out visitors as well, so the nonce proves nothing about who owns the account. The control that should have stood between an anonymous visitor and an administrator's password is the reset key, and that is exactly the check the vulnerable code never performed.

Patching the problem was straightforward, the security firm comments: the plugin vendor only had to add a check that a password reset key is present and valid in the reset request before the password is changed.
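The following is an added illustration of the two patterns the advisory contrasts, not the Essential Addons code or its actual patch. Only the request parameter names eael-resetpassword-nonce, eael-pass1 and eael-pass2 come from the advisory; the nonce action name, the rp_login and rp_key parameter names and the function names are assumptions made for the example. Both handlers are meant to run inside WordPress (for instance hooked to 'init'), which provides wp_verify_nonce(), get_user_by(), check_password_reset_key() and reset_password().

```php
<?php
/*
 * Added example, not the plugin's own code or its fix.
 * Assumed names: EAEL_EXAMPLE_NONCE_ACTION, rp_login, rp_key and the
 * eael_example_* functions. The eael-* request parameters are from the advisory.
 */

const EAEL_EXAMPLE_NONCE_ACTION = 'example-reset-nonce'; // assumed action name

/* Reads and validates the parts both handlers share; returns the new password
 * on success, or null if the nonce is missing/invalid or the two password
 * fields disagree. The nonce is a CSRF guard only: WordPress issues valid
 * nonces to logged-out visitors too, so passing this proves no ownership. */
function eael_example_read_request() {
    if ( empty( $_POST['eael-resetpassword-nonce'] )
         || ! wp_verify_nonce( wp_unslash( $_POST['eael-resetpassword-nonce'] ), EAEL_EXAMPLE_NONCE_ACTION ) ) {
        return null;
    }
    $pass1 = isset( $_POST['eael-pass1'] ) ? wp_unslash( $_POST['eael-pass1'] ) : '';
    $pass2 = isset( $_POST['eael-pass2'] ) ? wp_unslash( $_POST['eael-pass2'] ) : '';
    if ( '' === $pass1 || $pass1 !== $pass2 ) {
        return null;
    }
    return $pass1;
}

/* Vulnerable pattern described in the advisory: a username plus a nonce is
 * enough, because no password reset key is ever checked. */
function eael_example_vulnerable_reset() {
    $new_pass = eael_example_read_request();
    if ( null === $new_pass ) {
        return false;
    }
    $login = isset( $_POST['rp_login'] ) ? sanitize_user( wp_unslash( $_POST['rp_login'] ) ) : '';
    $user  = get_user_by( 'login', $login );
    if ( ! $user ) {
        return false;
    }
    reset_password( $user, $new_pass ); // changes the password with no proof the requester owns the account
    return true;
}

/* Hardened pattern, in the spirit of the fix the advisory describes: require
 * the reset key that WordPress e-mailed to the account owner and let core
 * validate it (check_password_reset_key() also rejects expired keys) before
 * the password is touched. wp_set_password(), called by reset_password(),
 * then clears the stored key so it cannot be replayed. */
function eael_example_hardened_reset() {
    $new_pass = eael_example_read_request();
    if ( null === $new_pass ) {
        return false;
    }
    $login = isset( $_POST['rp_login'] ) ? sanitize_user( wp_unslash( $_POST['rp_login'] ) ) : '';
    $key   = isset( $_POST['rp_key'] ) ? sanitize_text_field( wp_unslash( $_POST['rp_key'] ) ) : '';
    if ( '' === $login || '' === $key ) {
        return false; // the reset key must be present...
    }
    $user = check_password_reset_key( $key, $login );
    if ( is_wp_error( $user ) ) {
        return false; // ...and valid: both 'invalid_key' and 'expired_key' are refused
    }
    reset_password( $user, $new_pass );
    return true;
}
```

The difference between the two handlers is the single call to check_password_reset_key(): the hardened version accepts a new password only for a user whose stored reset key matches the one presented, which is the step the vulnerable versions 5.4.0 through 5.7.1 skipped. Any custom reset form that calls reset_password() or wp_set_password() directly should be reviewed for the same omission.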


News URL

https://www.bleepingcomputer.com/news/security/wordpress-elementor-plugin-bug-let-attackers-hijack-accounts-on-1m-sites/

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE                                                                  RISK
2023-05-12  CVE-2023-32243  Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor  critical (CVSS 9.8)

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.
Attack vector: network. Attack complexity: low. Vendor: wpdeveloper. Weakness: CWE-287 (Improper Authentication).

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Wordpress 7 2 95 44 18 159
Elementor 3 0 24 5 3 32
Plugin 2 0 13 1 0 14