WordPress, the world’s most popular content management system, is once again in the news, but this time, for a less-than-desirable reason. Recently, a significant vulnerability was discovered in the Essential Addons for Elementor plugin, a popular WordPress plugin with over two million active installations. This vulnerability, known as a Stored Cross-Site Scripting (XSS) vulnerability, could allow attackers to inject malicious scripts into WordPress websites.
What is Essential Addons for Elementor?
Essential Addons for Elementor is a popular WordPress plugin that extends the functionality of the Elementor page builder. It adds more features and widgets, making it easier for users to create and customize their websites.
The Vulnerability
Security researchers discovered a Stored Cross-Site Scripting (XSS) vulnerability in the Essential Addons for Elementor plugin. This vulnerability could allow attackers to inject malicious scripts into WordPress websites. The flaws were found in two different widgets that are part of the plugin
- Countdown Widget
- The “Essential Addons for Elementor” plugin for WordPress, which includes Elementor templates, widgets, kits, and WooCommerce builders, is vulnerable to Stored Cross-Site Scripting through the countdown widget’s message parameter in all versions up to and including 5.9.11.
- This allows authenticated attackers with contributor access or higher to inject arbitrary web scripts into pages, enabling execution whenever a user accesses the injected page.
- Woo Product Carousel Widget
- The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting through the alignment parameter in the Woo Product Carousel widget in all versions up to, and including, 5.9.10 due to insufficient input sanitization and output escaping.
XSS vulnerabilities are among the most common and arise from a failure to sanitize fields that accept inputs like text or images properly. In this case, the vulnerabilities originated from inadequate sanitization and output escaping.
The Cause
The XSS vulnerabilities originated from inadequate sanitization and output escaping. Plugins typically “sanitize” inputs, which means that they filter out unwanted inputs like scripts. Another flaw that creates an XSS vulnerability is the failure to “escape output,” which means removing any output that contains unwanted data to prevent it from reaching a browser. Both of these flaws were cited as factors that led to the vulnerabilities.
The Impact
The impact of this vulnerability is significant. It allows an attacker to reset passwords for arbitrary accounts on any of the one million WordPress sites running the plugin. This was because the reset_password function did not adequately validate a request with a password reset key.
The Solution
The developers of the Essential Addons for Elementor plugin have released a patch to fix this vulnerability. It is highly recommended for all users of the plugin to update to the latest version to ensure this vulnerability does not compromise their site.
The Essential Addons for Elementor vulnerability is a serious issue that affects over two million WordPress websites. Website administrators must update their plugins to the latest version to mitigate this vulnerability. Always remember, that keeping your plugins updated is one of the best ways to maintain the security of your WordPress website.