Lucene search
Sanjay DasWPEX-ID:A875836D-77F4-4306-B275-2B60EFFF1493HistoryMay 02, 2023 - 12:00 a.m.
Elementor Website Builder < 3.12.2 - Admin+ SQLi
2023-05-0200:00:00
Sanjay Das
595
elementor
sql injection
admin section
website builder
security vulnerability
exploit
EPSS
0.001
Percentile
39.5%
The plugin does not properly sanitize and escape the Replace URL parameter in the Tools module before using it in a SQL statement, leading to a SQL injection exploitable by users with the Administrator role.
1. Go to Elementor > Tools > Replace URL
2. Fill the first field with `http://localhost:8000/`
3. Fill the second field with `http://localhost:8000/?test'),meta_key='key4'where+meta_id=SLEEP(2);#`
4. Note the additional time taken by the request, demonstrating the SQL injection vulnerability.Related
cvelist
cvelist
CVE-2023-0329 Elementor Website Builder < 3.12.2 - Admin+ SQLi
2023-05-30 07:49:13
openvas
openvas
WordPress Elementor Website Builder Plugin < 3.12.2 SQLi Vulnerability
2023-06-02 00:00:00
wpvulndb
wpvulndb
Elementor Website Builder < 3.12.2 - Admin+ SQLi
2023-05-02 00:00:00
exploitdb
exploitdb
Elementor Website Builder < 3.12.2 - Admin+ SQLi
2024-04-02 00:00:00
prion
prion
Sql injection
2023-05-30 08:15:00
nvd
nvd
CVE-2023-0329
2023-05-30 08:15:09
packetstorm
packetstorm
Elementor Website Builder SQL Injection
2024-04-02 00:00:00
Elementor Website Builder SQL Injection
2023-11-13 00:00:00
cve
cve
CVE-2023-0329
2023-05-30 08:15:09
zdt
zdt
Elementor Website Builder < 3.12.2 SQL injection Exploit
2023-11-14 00:00:00