Lucene search

WpvulndbWPVDB-ID:3CC20F53-C14E-408B-B8F9-578E22D90F4E

HistoryMay 23, 2024 - 12:00 a.m.

Unlimited Elements for Elementor < 1.5.108 - Contributor+ SQLi

2024-05-2300:00:00

wpscan.com

elementor

sql injection

contributor-level access

database

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

19.3%

JSON

Description The plugin is vulnerable to SQL Injection via the ‘data[post_ids][0]’ parameter due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

References

www.wordfence.com/threat-intel/vulnerabilities/id/b155f8ca-9d09-47d7-a7c2-7744df029c19

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

19.3%

JSON

Related for WPVDB-ID:3CC20F53-C14E-408B-B8F9-578E22D90F4E