WordPress Vulnerability in Essential Add-ons for Elementor

Cyber attacks are common nowadays; this is one recent example:

CVE-2023-32243 is a vulnerability in the Essential Add-ons for Elementor WordPress plugin that allows an unauthenticated attacker to change any user's password on the affected site, granting them administrator access to the WordPress site. The vulnerability is caused by improper authentication in the plugin. Versions 5.7.1 and below are affected. This vulnerability was discovered on May 11, 2023, and the plugin developer released a patch the same day. Security researchers have observed the problem being actively exploited in the wild. Users should upgrade Essential Add-ons for Elementor to version 5.7.2 or higher to resolve the issue.

Root Cause Analysis:

An incorrect authentication vulnerability in the WPDeveloper Essential Add-ons for Elementor WordPress plugin is the primary cause of CVE-2023-32243. This flaw enables an unauthenticated attacker to reset the password of any user on the impacted site, thereby giving them administrator access to the WordPress site. Versions 5.7.1 and below are impacted. On May 11, 2023, the plugin developer provided a fix in response to the vulnerability. Security experts have seen indications of the vulnerability being actively exploited in the wild. Users should upgrade Essential Add-ons for Elementor to version 5.7.2 or higher to solve the issue.

Impact:

The implication of CVE-2023-32243 is that an unauthenticated attacker can reset the password of any user on the vulnerable site, thereby gaining administrator access to the WordPress site. This vulnerability affects Essential Add-ons for Elementor, a major WordPress plugin with over one million active installs. Versions 5.7.1 and below are impacted. There is evidence that this vulnerability has been actively exploited in the wild. Users should upgrade Essential Add-ons for Elementor to version 5.7.2 or higher to resolve the issue.

Affected Software:

The following software is affected by CVE-2023-32243:

Essential Add-ons for Elementor plugin for WordPress versions 5.4.0 to 5.7.1

It is critical to upgrade the plugin to version 5.7.2 or above to address the vulnerability and avoid privilege escalation attacks.

Detection and Response:

The CVE-2023-32243 vulnerability was found by Patchstack security researchers, who published a report on the risk posed by the WordPress plugin Essential Add-ons for Elementor. The flaw was discovered during an examination of the init hook in the register_hooks function. When this function is called, it runs numerous checks before calling the login_or_register_user method. The vulnerability is rooted in that function and is an unauthenticated privilege escalation vulnerability: any unauthenticated user can raise their privileges to match those of any other user on the WordPress site.

Recommendation:

  1. Verify whether Essential Add-ons for Elementor is installed on your WordPress website and which version is running. The affected versions are 5.7.1 and below.

  2. Upgrade Essential Add-ons for Elementor to version 5.7.2 or higher to fix the vulnerability.

  3. Keep a watch out for any odd behaviour on your WordPress site, because there is evidence that this vulnerability has been widely exploited in the wild.

  4. Use vulnerability detection technologies such as Qualys to gain visibility into future and new detections (QIDs) of all severity levels.
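The following Python script is an added example for steps 1 and 2 above; it is not code from this advisory or from the plugin's developers. It reads the plugin's file header, compares the installed version numerically against the affected range given in the Affected Software section (5.4.0 to 5.7.1, fixed in 5.7.2), and flags an affected install. The plugin directory and main file name are assumptions; confirm them on your own install.

```python
import re
from pathlib import Path

# Affected range as given in the advisory: 5.4.0 through 5.7.1, fixed in 5.7.2.
AFFECTED_MIN = (5, 4, 0)
FIXED_IN = (5, 7, 2)

# Assumed location of the plugin's main file under wp-content/plugins; confirm on your install.
PLUGIN_MAIN_FILE = "essential-addons-for-elementor-lite/essential_adons_elementor.php"


def parse_version(text):
    """Turn '5.7.10' into (5, 7, 10) so comparisons are numeric, not lexical ('5.7.10' > '5.7.2')."""
    m = re.match(r"^\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def version_from_header(header_text):
    """Extract the 'Version:' field of a WordPress plugin file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", header_text, re.MULTILINE)
    if not m:
        raise ValueError("no Version: field found in plugin header")
    return parse_version(m.group(1))


def is_affected(version):
    """True when the installed version is in [5.4.0, 5.7.2), i.e. 5.4.0 to 5.7.1 inclusive."""
    return AFFECTED_MIN <= version < FIXED_IN


def check_install(wp_root):
    """Report whether the install under wp_root runs an affected build; None if the plugin is absent."""
    main_file = Path(wp_root) / "wp-content" / "plugins" / PLUGIN_MAIN_FILE
    if not main_file.is_file():
        return None
    # The header lives in the first few KiB of the file; no need to read all of it.
    header = main_file.read_text(encoding="utf-8", errors="replace")[:8192]
    return is_affected(version_from_header(header))


# Constructed sample header (not the plugin's real file) showing the format being parsed.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: Essential Addons for Elementor
 * Version: 5.7.1
 */
"""

if __name__ == "__main__":
    v = version_from_header(SAMPLE_HEADER)
    print(".".join(map(str, v)), "AFFECTED - upgrade to 5.7.2+" if is_affected(v) else "not affected")
```

Run it as `python check_eael.py` to see the sample header flagged, or call `check_install("/var/www/html")` against a real WordPress root.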