CVE-2021-4447

The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers with access to the Elementor page builder to create a new registration form that defaults to the user role being set to administrator and subsequently register as an administrative user.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2526471%40essential-addons-for-elementor-lite&new=2526471%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail=	Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/be098ee9-b749-4908-85e8-e717d019609a?source=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*

History

10 Jan 2025, 14:39

Type	Values Removed	Values Added
References	() https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2526471%40essential-addons-for-elementor-lite&new=2526471%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail= -	() https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2526471%40essential-addons-for-elementor-lite&new=2526471%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail= - Product
References	~~() https://www.wordfence.com/threat-intel/vulnerabilities/id/be098ee9-b749-4908-85e8-e717d019609a?source=cve -~~	() https://www.wordfence.com/threat-intel/vulnerabilities/id/be098ee9-b749-4908-85e8-e717d019609a?source=cve - Third Party Advisory
First Time		Wpdeveloper Wpdeveloper essential Addons For Elementor
CPE		cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:::::lite:wordpress::

16 Oct 2024, 16:38

Type	Values Removed	Values Added
Summary		(es) El complemento Essential Addons for Elementor para WordPress es vulnerable a la escalada de privilegios en versiones hasta la 4.6.4 incluida debido a la falta de restricciones sobre quién puede agregar un formulario de registro y un rol de registro personalizado a una página creada con Elementor. Esto hace posible que los atacantes con acceso al generador de páginas de Elementor creen un nuevo formulario de registro que tenga como rol de usuario predeterminado el de administrador y, posteriormente, se registren como usuarios administrativos.

16 Oct 2024, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-16 07:15

Updated : 2025-01-10 14:39

NVD link : CVE-2021-4447

Mitre link : CVE-2021-4447

CVE.ORG link : CVE-2021-4447

JSON object : View

Products Affected

wpdeveloper

essential_addons_for_elementor

CWE

CWE-862

Missing Authorization

{"id": "CVE-2021-4447", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-10-16T07:15:10.687", "references": [{"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2526471%40essential-addons-for-elementor-lite&new=2526471%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail=", "tags": ["Product"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/be098ee9-b749-4908-85e8-e717d019609a?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form and a custom registration role to an Elementor created page. This makes it possible for attackers with access to the Elementor page builder to create a new registration form that defaults to the user role being set to administrator and subsequently register as an administrative user."}, {"lang": "es", "value": "El complemento Essential Addons for Elementor para WordPress es vulnerable a la escalada de privilegios en versiones hasta la 4.6.4 incluida debido a la falta de restricciones sobre qui\u00e9n puede agregar un formulario de registro y un rol de registro personalizado a una p\u00e1gina creada con Elementor. Esto hace posible que los atacantes con acceso al generador de p\u00e1ginas de Elementor creen un nuevo formulario de registro que tenga como rol de usuario predeterminado el de administrador y, posteriormente, se registren como usuarios administrativos."}], "lastModified": "2025-01-10T14:39:08.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:lite:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "2BD6544D-1249-468A-BEF0-3757C7E6A52C", "versionEndExcluding": "4.6.5"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}

8.8 /10