Arbitrary Password Reset and Account Takeover Vulnerability in Plus Addons for Elementor Page Builder WordPress Plugin

Arbitrary Password Reset and Account Takeover Vulnerability in Plus Addons for Elementor Page Builder WordPress Plugin

CVE-2021-24359 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such issue could be chained with an open redirect (CVE-2021-24358) in version below 4.1.10, to include a crafted password reset link in the email, which would lead to an account takeover.

Learn more about our Wordpress Pen Testing.