CVE-2021-24359

low-risk
Published 2021-06-14

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could be chained with an open redirect (CVE-2021-24358) in version below 4.1.10, to include a crafted password reset link in the email, which would lead to an account takeover.

Do I need to act?

-
0.43% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Posimyth

References (4)

Release Notes https://theplusaddons.com/changelog/
Exploit https://wpscan.com/vulnerability/486b82d1-30d4-44d2-9542-f33e3f149e92
Release Notes https://theplusaddons.com/changelog/
Exploit https://wpscan.com/vulnerability/486b82d1-30d4-44d2-9542-f33e3f149e92
28
/ 100
low-risk
Severity 21/34 · High
Exploitability 2/34 · Minimal
Exposure 5/34 · Minimal