CVE-2021-4332
moderate-risk
Published 2023-03-07
The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in versions up to, and including 4.1.9 (pro) and 2.0.6 (free). The plugin has a feature to add an "Info Box" to an Elementor created page. This Info Box can include an SVG image for the box. Unfortunately, the plugin used file_get_contents with no verification that the file being supplied was an SVG file, so any user with access to the Elementor page builder, such as contributors, could read arbitrary files on the WordPress installation.
Do I need to act?
-
0.84% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10
Medium
NETWORK
/ LOW complexity
Affected Products (2)
Affected Vendors
References (4)
Third Party Advisory
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old...
Third Party Advisory
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old...
Third Party Advisory
https://www.wordfence.com/threat-intel/vulnerabilities/id/aa698e7e-b1c7-4ead-aa2...
34
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
3/34 · Minimal
Exposure
7/34 · Low