WordPress.Elementor.Website.Builder.Arbitrary.File.Upload
Description
This indicates an attack attempt to exploit an Arbitrary File Upload Vulnerability in WordPress Elementor Website Builder Plugin.
The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. A remote, unauthenticated attacker can exploit this vulnerability to write an arbitrary file leading to remote code execution.
Affected Products
WordPress Elementor Website Builder 3.3.0 prior to 3.18.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://en-ca.wordpress.org/plugins/elementor/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |