Lucene search
WpvulndbWPEX-ID:A6B3B14C-F06B-4506-9B88-854F155EBCA9HistoryDec 08, 2023 - 12:00 a.m.
Elementor < 3.18.2 - Contributor+ Arbitrary File Upload to RCE via Template Import
2023-12-0800:00:00
wpvulndb
313
elementor
file upload
remote code execution
Description The plugin is vulnerable to Remote Code Execution via file upload via the template import functionality, allowing authenticated attackers, with contributor-level access and above, to upload files and execute code on the server.
1. Edit a post in Elementor.
2. Import a template (folder icon on an Elementor block).
3. Pick any JSON file, and intercept the AJAX request.
4. Replace the file name with "/../../../../shell.php"
5. Replace the base64 contents (fileData) with "PD9waHAgZWNobyBzeXN0ZW0oJF9HRVRbJ2NtZCddKTsgPz4="
6. Visit /wp-content/shell.php?cmd=id to see the RCE.Related
nvd
nvd
CVE-2023-48777
2024-03-26 21:15:52
wpvulndb
wpvulndb
nuclei
nuclei
WordPress Elementor 3.18.1 - File Upload/Remote Code Execution
2024-02-22 06:20:52
zdt
zdt
wordfence
wordfence
openvas
openvas
WordPress Elementor Website Builder Plugin < 3.18.2 RCE Vulnerability
2023-06-02 00:00:00
cvelist
cvelist
cve
cve
CVE-2023-48777
2024-03-26 21:15:52
9.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.1%
Related for WPEX-ID:A6B3B14C-F06B-4506-9B88-854F155EBCA9