WordPress Elementor plugin vulnerable to file upload attack

Overview

Over five million WordPress sites could be vulnerable to a file upload vulnerability in the Elementor website builder plugin.

Impact

An authenticated user could upload a file and execute it, granting code execution on the server.

Vulnerability Detection

Check the running version of Elementor from the WordPress Plugins page of the dashboard.

Affected Products

Elementor version 3.6.0.

Containment, Mitigations & Remediations

Update to version 3.6.3.

The researchers who published the advisory note that aside from this specific vulnerability, the plugin does not seem well written so it might be best not to use it at all.

If the provided functionality is required, then a web application firewall (WAF) could help mitigate some types of attack.

Indicators of Compromise

Malicious actors scanning for vulnerable servers can be detected by looking in HTTP logs for requests for the following file: /wp-content/plugins/elementor/readme.txt

That doesn’t indicate a successful attack, however.
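One way to run the log check described above, as an added example that is not part of the original bulletin or the researchers' advisory. It assumes access logs in the common/combined log format; the sample lines and IP addresses are constructed, and a match shows scanning only, not a successful attack.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Path named in the bulletin as the scanning indicator.
PROBE_PATH = "/wp-content/plugins/elementor/readme.txt"

# Common/combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def normalise(target):
    """Drop the query string, decode percent-escapes, collapse slashes, lowercase."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).lower()

def find_probes(lines):
    """Return {client_ip: [(timestamp, status), ...]} for requests to PROBE_PATH."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        # Lines that do not parse are skipped rather than raising.
        if m and normalise(m["target"]) == PROBE_PATH:
            hits[m["ip"]].append((m["time"], int(m["status"])))
    return dict(hits)

# Constructed sample log lines (documentation-range IPs), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Apr/2022:09:12:01 +0000] "GET /wp-content/plugins/elementor/readme.txt HTTP/1.1" 200 5120 "-" "curl/7.81.0"',
    '198.51.100.23 - - [14/Apr/2022:09:12:05 +0000] "GET /index.php HTTP/1.1" 200 10432 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [14/Apr/2022:09:12:09 +0000] "GET //wp-content/plugins/elementor/readme.txt?x=1 HTTP/1.1" 200 5120 "-" "curl/7.81.0"',
    '192.0.2.44 - - [14/Apr/2022:09:13:40 +0000] "GET /wp-content/plugins/elementor/README.txt HTTP/1.1" 404 153 "-" "python-requests/2.27"',
    'malformed line without a request',
]

if __name__ == "__main__":
    for ip, events in find_probes(SAMPLE_LOG).items():
        for when, status in events:
            print(f"{ip} probed {PROBE_PATH} at {when} (HTTP {status})")
```

The status code is kept with each hit because a 200 response tells the scanner the plugin is installed and exposes its readme, while a 404 does not.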

Threat Landscape

Third-party WordPress plugins are commonly found to be vulnerable and there doesn’t seem to be a lot of effort put into securing them. WordPress is a particularly targeted platform due to its prolific use. This third-party plugin is currently running on over 5 million servers, making it a desirable target for botnet creators.

Mitre Methodologies

T1068 – Exploitation for Privilege Escalation

Further Information

5+ Million Install WordPress Plugin Elementor Contains Authenticated Remote Code Execution (RCE) Vulnerability