CVE-2024-13353
📋 TL;DR
This vulnerability allows authenticated attackers with Contributor-level access or higher to perform Local File Inclusion (LFI) in the Responsive Addons for Elementor WordPress plugin. Attackers can include and execute arbitrary PHP files on the server, potentially leading to remote code execution, data theft, or privilege escalation. All WordPress sites using vulnerable versions of this plugin are affected.
💻 Affected Systems
- Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Full server compromise through remote code execution, allowing attackers to install backdoors, steal sensitive data, deface websites, or pivot to internal networks.
Likely Case
Unauthorized file access leading to sensitive information disclosure, privilege escalation to administrator, or website defacement.
If Mitigated
Limited impact if proper file upload restrictions and server hardening are in place, though some information disclosure may still occur.
🎯 Exploit Status
Exploitation requires authenticated access (Contributor or higher) and knowledge of file paths on the server. Attackers may need to combine it with a file upload vulnerability to achieve full code execution.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.6.5
Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3226779/responsive-addons-for-elementor/tags/1.6.5/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Responsive Addons for Elementor'.
4. Click 'Update Now' if available, or download version 1.6.5+ from the WordPress repository.
5. Activate the updated plugin.
🔧 Temporary Workarounds
Temporary Plugin Deactivation
Disable the vulnerable plugin until patched
Role Restriction
Temporarily restrict Contributor role assignments and review existing Contributor accounts
🧯 If You Can't Patch
- Implement strict file upload restrictions to prevent PHP file uploads
- Apply web application firewall rules to block LFI patterns and restrict file inclusion paths
🔍 How to Verify
Check if Vulnerable:
Check plugin version in WordPress admin under Plugins → Installed Plugins. Look for 'Responsive Addons for Elementor' version 1.6.4 or lower.
Check Version:
wp plugin list --name='responsive-addons-for-elementor' --field=version
Verify Fix Applied:
Verify plugin version shows 1.6.5 or higher after update. Test file inclusion functionality in affected widgets.
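The version check above can be scripted so the "1.6.4 or lower" comparison is not done by eye. The following is an added example, not code from the advisory or the plugin vendor: it runs the same wp-cli command the advisory gives, parses the printed version string, and compares it against the 1.6.5 patch version (the slug and flags are the ones on the page; the `assess` wording is this example's own).

```python
"""Added example (not from the advisory or the plugin vendor): read the version
string printed by the advisory's wp-cli command and decide whether it falls in
the affected range (anything below the 1.6.5 patch version)."""
import subprocess
from typing import Optional, Tuple

PLUGIN_SLUG = "responsive-addons-for-elementor"  # slug used in the advisory's wp-cli command
PATCHED_VERSION = "1.6.5"                        # first fixed version per the advisory


def parse_version(text: str) -> Tuple[int, ...]:
    """'1.6.4' -> (1, 6, 4). Trailing non-digits in a component ('4-beta') are
    dropped so pre-release tags still compare numerically."""
    parts = []
    for piece in text.strip().split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_vulnerable(installed: str, patched: str = PATCHED_VERSION) -> bool:
    """True when the installed version is strictly older than the patched one.
    Tuple comparison handles differing lengths: (1, 6) < (1, 6, 5) < (1, 7)."""
    return parse_version(installed) < parse_version(patched)


def installed_version(slug: str = PLUGIN_SLUG) -> Optional[str]:
    """Run the wp-cli command from the advisory. Returns None if wp-cli is not
    available, fails, or prints nothing (plugin not installed)."""
    try:
        out = subprocess.run(
            ["wp", "plugin", "list", f"--name={slug}", "--field=version"],
            capture_output=True, text=True, check=True,
        ).stdout.strip()
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    return out or None


def assess(version: Optional[str]) -> str:
    """Human-readable verdict for a version string (or None)."""
    if version is None:
        return "not installed or wp-cli unavailable"
    if is_vulnerable(version):
        return f"{version}: VULNERABLE, update to {PATCHED_VERSION}+"
    return f"{version}: patched"


if __name__ == "__main__":
    # Run from the WordPress root (or with --path=) as the user that owns the site.
    print(assess(installed_version()))
```

Run it from the WordPress root with wp-cli on the PATH; the numeric tuple comparison avoids the string-comparison trap where "1.10.0" would sort before "1.6.5".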
📡 Detection & Monitoring
Log Indicators:
- Unusual file inclusion patterns in web server logs, especially with PHP file extensions
- Multiple failed file inclusion attempts from Contributor-level accounts
- Unexpected PHP file executions in plugin directories
Network Indicators:
- HTTP requests with file inclusion parameters targeting plugin widgets
- Unusual POST/GET requests to WooCommerce-related plugin endpoints
SIEM Query:
source="web_server" AND (uri="*includes/widgets-manager/widgets/woocommerce/*" AND (param="*file*" OR param="*include*" OR param="*require*"))
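For sites without a SIEM, the same rule can be applied directly to web server access logs. The following is an added example, not code from the advisory, Wordfence or the plugin vendor: it parses combined-format log lines, flags requests that match the advisory's SIEM query (widget path plus a file/include/require-named parameter), and separately flags parameter values carrying a PHP extension or directory traversal, per the Log Indicators above. The sample log lines are constructed for the example; the path fragment and parameter-name hints come from the page's query.

```python
"""Added example (not code from the advisory, Wordfence or the plugin vendor):
apply the advisory's SIEM query logic and its 'Log Indicators' heuristics to
web server access log lines in combined format. All log lines are constructed."""
import re
from urllib.parse import parse_qsl, urlsplit

# Path fragment and parameter-name substrings taken from the advisory's SIEM query.
WIDGET_PATH = "includes/widgets-manager/widgets/woocommerce/"
PARAM_NAME_HINTS = ("file", "include", "require")

# Apache/Nginx "combined" access log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_line(line: str):
    """Parse one access log line; return None for lines in another format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = urlsplit(m.group("target"))
    return {
        "ip": m.group("ip"),
        "user": m.group("user"),
        "method": m.group("method"),
        "path": target.path,
        "params": parse_qsl(target.query, keep_blank_values=True),
        "status": int(m.group("status")),
    }


def reasons(entry) -> list:
    """Why an entry is interesting. 'siem_rule' mirrors the advisory's query
    (widget path AND a file/include/require-named parameter);
    'php_or_traversal_value' is the page's PHP-extension indicator plus '../'."""
    found = []
    on_widget_path = WIDGET_PATH in entry["path"]
    name_hit = any(h in k.lower() for k, _ in entry["params"] for h in PARAM_NAME_HINTS)
    if on_widget_path and name_hit:
        found.append("siem_rule")
    if any(v.lower().endswith(".php") or "../" in v for _, v in entry["params"]):
        found.append("php_or_traversal_value")
    return found


def scan(lines):
    """Return (entry, reasons) for every parseable line with at least one reason."""
    flagged = []
    for line in lines:
        entry = parse_line(line)
        if entry and (why := reasons(entry)):
            flagged.append((entry, why))
    return flagged


# Constructed sample log lines (not real traffic). Line 2 hits both rules,
# line 3 hits only the value heuristic, lines 1 and 4 are benign.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2025:10:00:01 +0000] "GET /wp-content/plugins/'
    'responsive-addons-for-elementor/assets/js/frontend.js HTTP/1.1" 200 8120',
    '203.0.113.9 - - [10/Jan/2025:10:00:07 +0000] "GET /wp-content/plugins/'
    'responsive-addons-for-elementor/includes/widgets-manager/widgets/woocommerce/'
    'class-responsive-addons-for-elementor-woo-products.php?include=../../../wp-config.php'
    ' HTTP/1.1" 200 1034',
    '203.0.113.9 - - [10/Jan/2025:10:00:12 +0000] "POST /wp-admin/admin-ajax.php'
    '?action=example_action&file=template.php HTTP/1.1" 200 77',   # action name is a placeholder
    '198.51.100.2 - - [10/Jan/2025:10:01:00 +0000] "GET /index.php?p=12 HTTP/1.1" 200 5410',
]

if __name__ == "__main__":
    for entry, why in scan(SAMPLE_LOG):
        print(entry["ip"], entry["method"], entry["path"], why)
```

The value heuristic is intentionally kept separate from the SIEM rule: it fires on any endpoint, so it is noisier, but it catches the "PHP file extensions" pattern the advisory calls out when the request does not go through the widget path. Feed the function real log lines with `scan(open("access.log"))` and review hits from Contributor-level accounts first.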
🔗 References
- https://plugins.trac.wordpress.org/browser/responsive-addons-for-elementor/trunk/includes/widgets-manager/widgets/woocommerce/class-responsive-addons-for-elementor-product-carousel.php#L3151
- https://plugins.trac.wordpress.org/browser/responsive-addons-for-elementor/trunk/includes/widgets-manager/widgets/woocommerce/class-responsive-addons-for-elementor-woo-products.php#L3725
- https://plugins.trac.wordpress.org/changeset/3226779/responsive-addons-for-elementor/tags/1.6.5/includes/widgets-manager/widgets/woocommerce/class-responsive-addons-for-elementor-product-carousel.php
- https://plugins.trac.wordpress.org/changeset/3226779/responsive-addons-for-elementor/tags/1.6.5/includes/widgets-manager/widgets/woocommerce/class-responsive-addons-for-elementor-woo-products.php
- https://www.wordfence.com/threat-intel/vulnerabilities/id/98df88f8-5aeb-4f57-8525-6a9357173b1d?source=cve