CVE-2024-13354
📋 TL;DR
This vulnerability allows authenticated WordPress users with Contributor-level access or higher to inject malicious scripts into website pages using the Responsive Addons for Elementor plugin. The scripts execute automatically when other users view the compromised pages, enabling persistent cross-site scripting attacks. All WordPress sites using vulnerable versions of this plugin are affected.
💻 Affected Systems
- Responsive Addons for Elementor – Free Elementor Addons Plugin
- Elementor Templates plugin for WordPress
📦 What is this software?
Responsive Addons by Cyberchimps
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator credentials, redirect users to malicious sites, deface websites, or install backdoors for persistent access.
Likely Case
Attackers with contributor accounts inject malicious scripts to steal user session cookies, redirect visitors to phishing sites, or display unwanted content.
If Mitigated
With proper user access controls and content security policies, impact is limited to potential defacement or minor script injection.
🎯 Exploit Status
Exploitation requires authenticated access but is technically simple once an attacker has contributor-level credentials.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.6.5 and later
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'Responsive Addons for Elementor'. 4. Click 'Update Now' if available. 5. Alternatively, download version 1.6.5+ from WordPress repository and manually update.
🔧 Temporary Workarounds
Disable vulnerable plugin
allTemporarily disable the Responsive Addons for Elementor plugin until patched
wp plugin deactivate responsive-addons-for-elementor
Restrict user roles
allTemporarily remove Contributor role access or limit to trusted users only
🧯 If You Can't Patch
- Implement Content Security Policy (CSP) headers to restrict script execution
- Enable WordPress security plugins with XSS protection features
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins → Responsive Addons for Elementor versionCheck Version:
wp plugin get responsive-addons-for-elementor --field=versionVerify Fix Applied:
Confirm plugin version is 1.6.5 or higher in WordPress admin📡 Detection & Monitoring
Log Indicators:
- Unusual content modifications by contributor-level users
- HTML/script injections in post/page content
Network Indicators:
- Unexpected external script loads from WordPress pages
- Suspicious redirects from legitimate pages
SIEM Query:
source="wordpress" AND (event="post_modified" OR event="plugin_updated") AND plugin_name="responsive-addons-for-elementor" AND version<="1.6.4"