# WordPress Essential Addons for Elementor 插件 5.4.0-5.7.1 存在特权提升漏洞
## 概述
WPDeveloper Essential Addons for Elementor 存在身份验证不当漏洞,允许特权提升。
## 影响版本
- 5.4.0 至 5.7.1
## 细节
由于身份验证机制存在问题,攻击者可能利用此漏洞进行特权提升。
## 影响
攻击者可能利用该漏洞获取更高的系统权限,对系统进行未经授权的操作。
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | poc | https://github.com/little44n1o/cve-2023-32243 | POC详情 |
| 2 | Exploit for CVE-2023-32243 - Unauthorized Account Takeover. | https://github.com/gbrsh/CVE-2023-32243 | POC详情 |
| 3 | CVE-2023-32243 - Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation | https://github.com/RandomRobbieBF/CVE-2023-32243 | POC详情 |
| 4 | None | https://github.com/manavvedawala2/CVE-2023-32243-POC | POC详情 |
| 5 | None | https://github.com/manavvedawala2/CVE-2023-32243-proof-of-concept | POC详情 |
| 6 | Vulnerable docker to test for: CVE-2023-32243 | https://github.com/YouGina/CVE-2023-32243 | POC详情 |
| 7 | Identifies domains which run WordPress and tests against vulnerabilities (CVE-2023-32243) / #VU76395 / etc... | https://github.com/thatonesecguy/Wordpress-Vulnerability-Identification-Scripts | POC详情 |
| 8 | None | https://github.com/manavvedawala/CVE-2023-32243-proof-of-concept | POC详情 |
| 9 | Python 2.7 | https://github.com/Jenderal92/WP-CVE-2023-32243 | POC详情 |
| 10 | Mass-CVE-2023-32243 | https://github.com/shaoyu521/Mass-CVE-2023-32243 | POC详情 |
| 11 | Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-32243.yaml | POC详情 |
| 12 | None | https://github.com/dev0558/CVE-2023-32243-Detection-and-Mitigation-in-WordPress | POC详情 |
暂无评论