Auth bypass in Elemntor Elementor Website Builder
CVE-2022-1329
The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers t…
Vulnerability class: Broken Access Control
EPSS: 0.932 (99.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Elemntor Elementor Website Builder — versions 3.6.0, 3.6.1, 3.6.2
Weakness classification (CWE)
Public proof-of-concept exploits
- AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit
- mcdulltii/CVE-2022-1329
- Grazee/CVE-2022-1329-WordPress-Elementor-RCE
- AgustinESI/CVE-2022-1329
- phanthibichtram12/CVE-2022-1329
- dexit/CVE-2022-1329
- rapid7/metasploit-framework
- crac-learning/CVE-analysis-reports
- k0mi-tg/CVE-POC
- manas3c/CVE-POC
References
- www.wordfence.com/blog/2022/04/elementor-critical-remote-code-execution-vulnera…
- plugins.trac.wordpress.org/changeset/2708766/elementor/trunk/core/app/modules/o…
- www.pluginvulnerabilities.com/2022/04/12/5-million-install-wordpress-plugin-ele…
- packetstormsecurity.com/files/168615/WordPress-Elementor-3.6.2-Shell-Upload.html
Frequently asked questions
- What is CVE-2022-1329?
- CVE-2022-1329 is a high-severity vulnerability in Elemntor Elementor Website Builder, classified under Missing Authorization. CVSS score: 8.8/10. Published 2022-04-19.
- How severe is CVE-2022-1329?
- High severity. CVSS v3 base score is 8.8 out of 10.
- Is CVE-2022-1329 known to be exploited?
- 23 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.