Description
WordPress Plugin Elementor Website Builder is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently enable its Safe Mode feature and disable security plugins installed, such as firewall, antispam, two-factor authentication or captcha plugins. WordPress Plugin Elementor Website Builder version 2.9.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.9.6 or latest
References
Related Vulnerabilities
MySQL CVE-2023-22068 Vulnerability (CVE-2023-22068)
WordPress Plugin Store Locator Plus for WordPress Multiple Vulnerabilities (3.0.1)
Oracle Database Server CVE-2012-0552 Vulnerability (CVE-2012-0552)
WordPress Plugin WordPress Appointment Schedule Booking System Cross-Site Scripting (1.0)
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080)