Vulnerability in Elementor Plugin Allows Attackers to Extract Sensitive Information from Database
CVE-2024-6166

8.8HIGH

Key Information:

Vendor: Wordpress
Status: Unlimited Elements For Elementor (free Widgets, Addons, Templates)
Vendor: CVE Published:; 9 July 2024

Summary

The Unlimited Elements For Elementor plugin for WordPress is susceptible to a time-based SQL Injection when processing the 'addons_order' parameter. This flaw arises from inadequate escaping of user-supplied data and deficient preparation within the SQL query. Authenticated users with Contributor-level access or higher, who possess permissions to edit plugin settings assigned by an administrator, can exploit this vulnerability to inject additional SQL queries into existing ones. This can lead to unauthorized data retrieval from the database, potentially exposing sensitive information.

Affected Version(s)

Unlimited Elements For Elementor (Free Widgets, Addons, Templates) * <= 1.5.112

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/unlimited-elem...

https://plugins.trac.wordpress.org/changeset/3112307/

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024
Vulnerability Reserved
Jun 19, 2024

Credit

Khayal Farzaliyev