Royal Elementor Addons and Templates Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting, Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads – CVE-2024-4488, CVE-2024-4489 | WordPress Plugin Vulnerability Report
Plugin Name: Royal Elementor Addons and Templates
Key Information:
- Software Type: Plugin
- Software Slug: royal-elementor-addons
- Software Status: Active
- Software Author: wproyal
- Software Downloads: 5,750,699
- Active Installs: 300,000
- Last Updated: June 19, 2024
- Patched Versions: 1.3.977
- Affected Versions: <= 1.3.976
Vulnerability 1 Details:
- Name: Royal Elementor Addons and Templates <= 1.3.976
- Title: Authenticated (Contributor+) Stored Cross-Site Scripting
- Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
- CVE: CVE-2024-4488
- CVSS Score: 6.4
- Publicly Published: June 6, 2024
- Researcher: Ngô Thiên An (ancorn_) - VNPT-VCI
- Description: The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘inline_list’ parameter in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This allows authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts into pages, which execute when accessed by users.
- References: Wordfence - Authenticated (Contributor+) Stored Cross-Site Scripting
Vulnerability 2 Details:
- Name: Royal Elementor Addons and Templates <= 1.3.976
- Title: Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads
- Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
- CVE: CVE-2024-4489
- CVSS Score: 6.4
- Publicly Published: June 6, 2024
- Researcher: wesley
- Description: The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘custom_upload_mimes’ function in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This allows authenticated attackers with author-level permissions and above to inject arbitrary web scripts into pages, which execute when accessed by users.
- References: Wordfence - Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads
Summary:
The Royal Elementor Addons and Templates plugin for WordPress has vulnerabilities in versions up to and including 1.3.976 that allow authenticated attackers with specific permissions to execute Stored Cross-Site Scripting attacks. These vulnerabilities have been patched in version 1.3.977.
Detailed Overview:
These vulnerabilities, discovered by Ngô Thiên An (ancorn_) and wesley, affect the Royal Elementor Addons and Templates plugin due to inadequate input sanitization and output escaping in the 'inline_list' parameter and the 'custom_upload_mimes' function, respectively. Exploiting these flaws enables attackers to inject malicious scripts into pages, potentially compromising user sessions, altering site content, or redirecting users to malicious sites. Website administrators are strongly urged to update to version 1.3.977 or newer to mitigate these risks promptly.
Advice for Users:
- Immediate Action: Update Royal Elementor Addons and Templates to version 1.3.977 or later immediately.
- Check for Signs of Vulnerability: Monitor website logs for any unexpected script executions or unusual page behaviors.
- Alternate Plugins: Consider using alternative plugins that offer similar functionalities while awaiting the update and verification of Royal Elementor Addons and Templates.
- Stay Updated: Regularly update all WordPress plugins to their latest versions to prevent vulnerabilities and maintain website security.
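As an added example, not part of this report or of the plugin's own code, here is a defender-side check for the SVG-upload variant: a script that walks a site's uploads directory and flags any SVG file carrying script elements, event-handler attributes or javascript: links, which is what a stored XSS via SVG upload relies on. The sample SVGs and the upload path are constructed assumptions.

```python
import os
import re
import xml.etree.ElementTree as ET

# Elements that let an SVG run script or embed foreign markup.
RISKY_TAGS = {"script", "foreignobject", "iframe", "embed", "object"}
SCRIPT_URL = re.compile(r"^\s*javascript\s*:", re.IGNORECASE)


def audit_svg(data: bytes) -> list:
    """Return findings for one SVG document; an empty list means nothing was flagged."""
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        return [f"unparseable XML: {exc}"]
    findings = []
    for elem in root.iter():
        tag = elem.tag.split("}")[-1]          # drop the XML namespace prefix
        if tag.lower() in RISKY_TAGS:
            findings.append(f"<{tag}> element")
        for name, value in elem.attrib.items():
            local = name.split("}")[-1]        # xlink:href arrives namespaced
            if local.lower().startswith("on"):
                findings.append(f"event handler {local} on <{tag}>")
            elif local == "href" and SCRIPT_URL.match(value):
                findings.append(f"href with scripting URL scheme on <{tag}>")
    return findings


def scan_uploads(upload_dir: str) -> dict:
    """Walk an uploads tree (e.g. wp-content/uploads) and map each flagged .svg to its findings."""
    report = {}
    for dirpath, _, filenames in os.walk(upload_dir):
        for name in filenames:
            if name.lower().endswith(".svg"):
                path = os.path.join(dirpath, name)
                with open(path, "rb") as fh:
                    findings = audit_svg(fh.read())
                if findings:
                    report[path] = findings
    return report


# Constructed samples: a plain icon, and one carrying all three markers checked above.
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>'
SUSPECT_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" onload="probe()">'
               b'<script>probe()</script><a xlink:href="javascript:probe()"><text>x</text></a></svg>')

if __name__ == "__main__":
    print("clean:", audit_svg(CLEAN_SVG))
    print("suspect:", audit_svg(SUSPECT_SVG))
    print(scan_uploads("wp-content/uploads"))  # assumed path; empty report if it does not exist
```

Run it from the WordPress root (or pass the real uploads path) after updating; a non-empty report lists files an author-level account uploaded that deserve manual review or removal.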
Conclusion:
The swift response from the Royal Elementor Addons and Templates developers in releasing version 1.3.977 underscores the critical importance of timely updates in addressing security vulnerabilities. Users are strongly advised to ensure their installations are running version 1.3.977 or later to protect their WordPress sites from potential exploits.
References:
- Wordfence - Authenticated (Contributor+) Stored Cross-Site Scripting
- Wordfence - Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads
Detailed Report:
In today's digital landscape, maintaining the security of your WordPress website is crucial to safeguarding against potential threats. Recently, vulnerabilities have come to light in the Royal Elementor Addons and Templates plugin, exposing potential risks to website integrity. Specifically, the plugin is susceptible to Authenticated (Contributor+) Stored Cross-Site Scripting and Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads, identified as CVE-2024-4488 and CVE-2024-4489 respectively. These vulnerabilities, discovered by Ngô Thiên An (ancorn_) and wesley, affect versions up to and including 1.3.976, where inadequate input sanitization and output escaping allow authenticated attackers to inject malicious scripts into pages. This could lead to compromised user sessions, altered site content, or redirection to malicious sites.
Risks and Potential Impacts:
Exploiting these vulnerabilities enables attackers to compromise site security by injecting harmful scripts that execute when accessed by unsuspecting users. This could result in unauthorized data access, defacement of content, or unauthorized redirects, impacting user trust and potentially damaging the site's reputation.
Remediation Steps:
Immediate Action: Update Royal Elementor Addons and Templates to version 1.3.977 or newer immediately to mitigate the vulnerabilities. Monitor website logs for any signs of unauthorized script executions or unusual behaviors. Consider using alternative plugins with similar functionalities until the Royal Elementor Addons and Templates plugin is updated and verified secure. Regularly update all WordPress plugins to their latest versions to prevent vulnerabilities and ensure ongoing site security.
Previous Vulnerabilities:
Since March 4, 2022, there have been 39 documented vulnerabilities affecting the Royal Elementor Addons and Templates plugin, emphasizing the importance of proactive security measures.
Conclusion:
The swift response from the Royal Elementor Addons and Templates developers in releasing version 1.3.977 underscores the critical importance of timely updates in addressing security vulnerabilities. For small business owners managing WordPress websites, staying informed about plugin vulnerabilities and promptly applying updates is essential to maintaining site security and protecting against potential exploits.
Staying Secure:
Staying on top of WordPress security can feel overwhelming for small business owners without dedicated IT staff. At Your WP Guy, we exist to shoulder that burden for you. Our WordPress experts can fully audit, secure, maintain and support your site - so you can focus on growing your business with peace of mind.
Don't tackle security risks alone. Let us help you assess any impact from this vulnerability, update your plugins, and implement ongoing maintenance to avoid future threats. We treat your website like it's our own - because we know how critical it is for reaching your customers.
Get in touch for a free consultation today on making WordPress security stress-free. Call 678-995-5169 or book a call here. Our knowledgeable team is ready to help you safeguard your online presence.