Insufficient Access Control in Royal Elementor Addons for WordPress
CVE-2022-4701

4.3MEDIUM

Key Information:

Vendor: Wordpress
Status: Royal Elementor Addons (elementor Templates, Post Grid, Mega Menu & Header Footer Builder, WooCommerce Builder, Product Grid, Slider, Parallax Image & Other Free Elementor Widgets)
Vendor: CVE Published:; 10 January 2023

Summary

The Royal Elementor Addons plugin for WordPress suffers from a vulnerability that enables any authenticated user, including those with minimal permissions (like subscribers), to activate certain plugins such as 'contact-form-7', 'media-library-assistant', or 'woocommerce'. This weakness arises from inadequate restrictions in the 'wpr_activate_required_plugins' AJAX action, exposing WordPress sites to potential misuse by unauthorized individuals. This vulnerability underscores the importance of stringent access control measures in plugin development.

Affected Version(s)

Royal Elementor Addons (Elementor Templates, Post Grid, Mega Menu & Header Footer Builder, WooCommerce Builder, Product Grid, Slider, Parallax Image & other Free Elementor Widgets) * <= 1.3.59

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/royal-elemento...

https://www.wordfence.com/blog/2023/01/eleven-vulnerabili...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 10, 2023
Vulnerability Reserved
Dec 23, 2022

Credit

Ramuel Gall