CVE-2023-32243 - Improper Authentication Vulnerability in WPDeveloper Essential Addons for Elementor Allows Privilege Escalation

The WPDeveloper Essential Addons for Elementor plugin is an essential toolkit for WordPress websites, offering over 70+ unique Elementor widgets to help create a professional website. However, recently, a vulnerability was discovered in the Essential Addons for Elementor plugin, ranging from versions 5.4. to 5.7.1. Designated as CVE-2023-32243, this vulnerability is rooted in improper authentication management and can allow threat actors to escalate their privileges, thereby gaining unauthorized access to restricted areas of the affected websites.

Exploit Details

The privilege escalation flaw in the Essential Addons for Elementor plugin is due to its lack of proper authentication while processing the elementor_library GET requests in the HTTP layer. This design flaw makes it possible for unauthenticated users to manipulate POST variables, causing malicious actions such as setting the user's role as an 'Administrator' and gaining unrestricted access to the website.

Here is a code snippet to illustrate the vulnerability

function handle_elementor_library_request() {
        if ( isset( $_GET['elementor_library'] ) ) {
            if ( empty( $_POST ) ) {
                $this->authenticate_user( 'EssentialAddonsHandler', 'elementor_library' );
            }

            return $this->perform_elementor_library_action();
        }
    }

// ...

function authenticate_user( $username, $password ) {
        $user = wp_authenticate( $username, $password );

        if ( is_wp_error( $user ) ) {
            // Fallback to nonce check
            $nonce = sanitize_text_field($_REQUEST['_wpnonce']);
			if(wp_verify_nonce( $nonce, $password.'_'.$nonce ) ){
				return true;
			}
        }
		
        return false;
    }

It is essential for WPDeveloper Essential Addons for Elementor users to take immediate action to protect their websites from being exploited. The following actions are recommended:

1. Update the Essential Addons for Elementor plugin to version 5.7.2 or higher. The issue has been resolved in version 5.7.2, which is available for download from the plugin's official website here or by updating the plugin from the WordPress Dashboard.

2. In addition to updating the plugin, website administrators should review their user accounts to verify that no unauthorized users have been granted admin privileges. Furthermore, monitoring logs and server activity for any suspicious behavior can help identify unauthorized access attempts and prevent further exploitation.

Original References

For more information about CVE-2023-32243, the vulnerability and its risks, you can refer to the following sources:

1. CVE-2023-32243 Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation
2. WPDeveloper Essential Addons for Elementor Changelog

In conclusion, website administrators are urged to update the Essential Addons for Elementor plugin immediately to ensure the integrity and security of their websites. Keep in mind that prevention is always the best approach when it comes to web security. By updating regularly and being mindful of potential risks, you can protect your website from becoming an easy target for exploitation.

Timeline

Published on: 05/12/2023 08:15:00 UTC
Last modified on: 05/23/2023 20:17:00 UTC