HTTP: WordPress Elementor Shell Upload

This signature detects attempts to exploit a known vulnerability against WordPress Elementor. A successful attack can lead to local file inclusion.

Extended Description

The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2.

Affected Products

Elementor website_builder

References

CVE: CVE-2022-1329

Short Name
HTTP:CTS:WP-ELEMENTOR-ZIP-UPLD
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2022-1329 Elementor Shell Upload WordPress
Release Date
12/16/2022
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3602
False Positive
Unknown
Vendors

Elementor

Found a potential security threat?