WordPress Plugin Vulnerabilities

ElegantThemes - Privilege Escalation

Description

An information disclosure vulnerability was found in the Divi Builder (included in our Divi and Extra themes, as well as our Divi Builder plugin) which resulted in the potential for user privilege escalation. If properly exploited, it could allow registered users, regardless of role, on your WordPress installation to perform a subset of actions within the Divi Builder, including the ability to manipulate posts.

Affects Plugins

Plugin icon
bloom
Fixed in 1.1.1
Plugin icon
monarch
Fixed in 1.2.7
Plugin icon
divi-builder
Fixed in 1.2.4

Affects Themes

Divi
Fixed in 2.6.4
Extra
Fixed in 1.2.4

References

CVE
CVE-2016-11002
CVE
CVE-2016-11003
CVE
CVE-2016-11004
URL
https://www.pritect.net/blog/elegant-themes-security-vulnerability
URL
http://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
7.6 (high)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
c253d387-f05a-4a68-9554-ecb846942b28

Timeline

Publicly Published
2016-02-18 (about 8 years ago)
Added
2016-02-18 (about 8 years ago)
Last Updated
2020-11-26 (about 3 years ago)

Other

Published
Title
Published
2023-10-17
Title
Themify Ultra < 7.3.6 - Privilege Escalation
Published
2023-06-07
Title
Directorist < 7.5.5 - Subscriber+ Arbitrary User Password Reset to Privilege Escalation
Published
2020-06-10
Title
Brizy - Page Builder < 1.0.126 - Improper Access Controls on AJAX Calls
Published
2023-06-29
Title
Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation
Published
2018-09-04
Title
Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation