Over 2 million WordPress sites affected by Essential Addons for Elementor vulnerability

WordPress Vulnerability

Security researchers at Wordfence issued an advisory about the popular WordPress plugin Essential Addons for Elementor, which was found to contain a Stored Cross-Site Scripting (XSS) vulnerability affecting more than 2 million websites.

The vulnerabilities stem from flaws in two different widgets that ship with the plugin.

Two widgets that lead to vulnerabilities

Countdown widget
Woo Product Carousel widget

Essential Addons for Elementor

Essential Addons is a plugin that extends the popular WordPress page builder Elementor. Elementor lets anyone build a website visually, and Essential Addons adds further features and widgets on top of it.

Vulnerability

Wordfence's warning announced that the plugin contained a Stored Cross-Site Scripting (XSS) vulnerability. Stored XSS lets an attacker save a malicious script on the site so that it runs in the browser of every visitor who views the affected page, including logged-in administrators. Depending on the target, that can mean stealing session data or performing privileged actions with the victim's account, up to taking control of the website. Note that WordPress marks its authentication cookies HttpOnly, so in practice an attacker is more likely to use an administrator's browser to perform actions on their behalf than to read the cookie directly.

XSS vulnerabilities are among the most common web flaws and arise from a failure to properly sanitize input, that is, to screen or filter user-supplied data such as text or image attributes before it is stored or used.

Plugins are expected to "sanitize" input, meaning they strip or reject unwanted content such as script tags and event-handler attributes.

The second control whose absence leads to XSS is "output escaping": encoding characters such as <, >, & and quotes into HTML entities at the point where data is written into a page, so that the browser renders the data as text rather than interpreting it as markup or script. Escaping must match the context (HTML body, attribute, URL or JavaScript), since each is parsed differently.

Wordfence cites both missing controls, insufficient input sanitization and missing output escaping, as the cause of the vulnerabilities.
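To make the two controls concrete, here is an added example written for this article; it is not code from Essential Addons for Elementor or from Wordfence. It shows a hypothetical Elementor widget that, like the widgets in the advisory, lets a page editor (a Contributor can edit their own posts) save a text setting and an alignment setting that are later rendered to every visitor. The class, setting names and payloads are assumptions chosen for illustration; esc_html() and esc_attr() are real WordPress escaping functions and get_settings_for_display() is Elementor's accessor for widget settings.

```php
<?php
// Added illustration, not code from Essential Addons for Elementor.
// Hypothetical Elementor widget with two Contributor-controlled settings,
// "message" (rendered as text) and "alignment" (rendered into a style attribute).

class Example_Message_Widget extends \Elementor\Widget_Base {

    public function get_name() {
        return 'example-message'; // assumed widget slug
    }

    // VULNERABLE: settings are concatenated straight into HTML.
    // A Contributor who saves
    //   message   = <img src=x onerror=alert(document.domain)>
    //   alignment = left" onmouseover="alert(1)
    // gets script execution in every visitor's browser, including an
    // administrator's, because nothing is sanitized on save or escaped on output.
    protected function render_unsafe() {
        $s = $this->get_settings_for_display();
        echo '<div class="example-message" style="text-align: ' . $s['alignment'] . '">';
        echo '<p>' . $s['message'] . '</p>';
        echo '</div>';
    }

    // HARDENED: validate what can be validated, escape the rest at output,
    // choosing the escaper that matches the HTML context it lands in.
    protected function render() {
        $s = $this->get_settings_for_display();

        // Alignment only has a handful of legitimate values, so an allow-list
        // is the strongest check: a quote or event handler never reaches the
        // attribute because the stored value is replaced with a safe default.
        $allowed_alignments = array( 'left', 'center', 'right' );
        $alignment = in_array( $s['alignment'], $allowed_alignments, true )
            ? $s['alignment']
            : 'left';

        // Free text cannot be allow-listed, so it is escaped for the context:
        // esc_attr() for the attribute, esc_html() for the element body.
        // esc_html() converts < > & " ' into entities, so a stored
        // "<img onerror=...>" is displayed literally instead of being parsed.
        echo '<div class="example-message" style="text-align: ' . esc_attr( $alignment ) . '">';
        echo '<p>' . esc_html( $s['message'] ) . '</p>';
        echo '</div>';
    }
}
```

The important design point is that escaping happens in the render path, right where the value is written into HTML, and is chosen per context; sanitizing on save (for example with sanitize_text_field()) is a useful second layer, but on its own it does not protect against values that were stored before the check existed or that arrive through another code path. If the message genuinely needs limited formatting, wp_kses_post() at output allows an explicit set of tags while still stripping script and event handlers.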

They warned about the countdown widget:

"Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown widget's message parameter in all versions up to, and including, 5.9.11 due to insufficient input sanitization and output escaping.

This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts into pages that will execute whenever a user accesses an injected page."

The warning about the Woo Product Carousel widget:

"Essential Addons for Elementor … for WordPress is vulnerable to Stored Cross-Site Scripting via the alignment parameter of the Woo Product Carousel widget in all versions up to, and including, 5.9.10 due to insufficient input sanitization and output escaping."

Authenticated attackers

The phrase "authenticated attackers" means that the attacker must first be logged in to the website: they need an account, whether registered, obtained through stolen or guessed credentials, or granted by the site owner. The Essential Addons for Elementor vulnerability requires an attacker to have contributor-level access or higher, so sites that hand out Contributor accounts to people they do not fully trust, such as guest authors on multi-author blogs, are the ones most exposed.

Medium Threat: Update Recommended

The vulnerability is rated medium severity, with a CVSS score of 6.4 out of 10, where 10 is the most critical.

Users running version 5.9.11 or earlier should update to the latest version of the plugin, 5.9.13 at the time of writing, which fixes both widgets.

Read the Wordfence security bulletins:

Essential Addons for Elementor <= 5.9.11: Authenticated Stored Cross-Site Scripting via the Countdown widget (Contributor+)

Essential Addons for Elementor <= 5.9.10: Authenticated Stored Cross-Site Scripting via the Woo Product Carousel widget (Contributor+)

Featured image by Shutterstock/Aleksandrs Sokolovs


About the Author: Ted Simmons

I follow and report the current news trends on Google news.
