Privilege escalation : WordPress Essential Addons for Elementor Plugin 5.4.x

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.127428

Categoría: Privilege escalation

Título: WordPress Essential Addons for Elementor Plugin 5.4.x < 5.7.2 Privilege Escalation Vulnerability

Resumen: The WordPress plugin 'Essential Addons for Elementor' is prone; to a privilege escalation vulnerability.

Descripción: Summary:
The WordPress plugin 'Essential Addons for Elementor' is prone
to a privilege escalation vulnerability.

Vulnerability Insight:
It is possible to reset the password of any user as long as
attacker know their username thus being able to reset the password of the administrator and login
on their account.

Affected Software/OS:
WordPress Essential Addons for Elementor plugin version
5.4.x prior to 5.7.2.

Solution:
Update to version 5.7.2 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-32243
http://packetstormsecurity.com/files/172457/WordPress-Elementor-Lite-5.7.1-Arbitrary-Password-Reset.html
https://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites?_s_id=cve
https://patchstack.com/database/vulnerability/essential-addons-for-elementor-lite/wordpress-essential-addons-for-elementor-plugin-5-4-0-5-7-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.127428
Categoría:	Privilege escalation
Título:	WordPress Essential Addons for Elementor Plugin 5.4.x < 5.7.2 Privilege Escalation Vulnerability
Resumen:	The WordPress plugin 'Essential Addons for Elementor' is prone; to a privilege escalation vulnerability.
Descripción:	Summary: The WordPress plugin 'Essential Addons for Elementor' is prone to a privilege escalation vulnerability. Vulnerability Insight: It is possible to reset the password of any user as long as attacker know their username thus being able to reset the password of the administrator and login on their account. Affected Software/OS: WordPress Essential Addons for Elementor plugin version 5.4.x prior to 5.7.2. Solution: Update to version 5.7.2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-32243 http://packetstormsecurity.com/files/172457/WordPress-Elementor-Lite-5.7.1-Arbitrary-Password-Reset.html https://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites?_s_id=cve https://patchstack.com/database/vulnerability/essential-addons-for-elementor-lite/wordpress-essential-addons-for-elementor-plugin-5-4-0-5-7-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve
Copyright	Copyright (C) 2023 Greenbone AG