Arbitrary File Read Vulnerability in Plus Addons for Elementor Plugin by WordPress
CVE-2021-4332

6.5MEDIUM

Key Information:

Vendor

Wordpress
Status
The Plus Addons For Elementor | Free Elementor Widgets & Elementor Templates, Header Menu, Blog Post Builder, Dark Mode, Full-page Scroll, Cross Domain Copy
Vendor
CVE Published:
7 March 2023

What is CVE-2021-4332?

The Plus Addons for Elementor plugin allows users to add an 'Info Box' to pages created with Elementor. However, versions up to 4.1.9 (pro) and 2.0.6 (free) possess a vulnerability that allows arbitrary file reads. This issue arises because the plugin uses the file_get_contents function without validating that the file being referenced is indeed an SVG file. As a result, any individual with access to the Elementor page builder, such as contributors, can exploit this vulnerability to read sensitive files within the WordPress installation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

The Plus Addons for Elementor | FREE Elementor Widgets & Elementor Templates, Header Menu, Blog Post Builder, Dark Mode, Full-Page Scroll, Cross Domain Copy * <= 2.0.6

The Plus Addons for Elementor | FREE Elementor Widgets & Elementor Templates, Header Menu, Blog Post Builder, Dark Mode, Full-Page Scroll, Cross Domain Copy * <= 4.1.9

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/changeset?sfp_email=&s...

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Chloe Chamberland
JSON
.