CVE-2024-2785
📋 TL;DR
This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into pages using the Age Gate widget in The Plus Addons for Elementor plugin. The scripts are stored and execute whenever users visit the compromised pages, enabling potential session hijacking, defacement, or malware distribution. All WordPress sites using vulnerable versions of this plugin are affected.
💻 Affected Systems
- The Plus Addons for Elementor (WordPress plugin)
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator credentials, redirect users to malicious sites, install backdoors, or completely compromise the WordPress site and potentially the server.
Likely Case
Site defacement, cookie/session theft for lower-privileged users, or redirection to phishing/malware sites affecting visitors.
If Mitigated
Limited to content manipulation within contributor permissions if proper user role management and content review processes are in place.
🎯 Exploit Status
Exploitation requires authenticated access but is straightforward once an attacker has contributor privileges. The vulnerability is well-documented in security advisories.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.5.0
Restart Required: No
Instructions:
1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find 'The Plus Addons for Elementor'. 4. Click 'Update Now' if available, or download version 5.5.0+ from WordPress repository. 5. Activate the updated plugin.
🔧 Temporary Workarounds
Disable Age Gate Widget
allTemporarily disable the vulnerable Age Gate widget until patching is possible
Restrict User Roles
allLimit contributor and author roles to trusted users only and implement content review workflows
🧯 If You Can't Patch
- Remove the plugin entirely and use alternative age verification solutions
- Implement strict Content Security Policy (CSP) headers to mitigate XSS impact
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → The Plus Addons for Elementor → Version. If version is 5.4.2 or lower, you are vulnerable.Check Version:
wp plugin list --name='the-plus-addons-for-elementor' --field=versionVerify Fix Applied:
Verify plugin version is 5.5.0 or higher in WordPress admin panel. Test Age Gate widget functionality to ensure it still works without security issues.📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to wp-admin/admin-ajax.php with age_gate parameters
- Multiple page edits by contributor-level users in short timeframes
- Suspicious script tags in page content containing age-gate attributes
Network Indicators:
- Unexpected JavaScript loading from WordPress pages with age-gate parameters
- External script calls from pages using the Age Gate widget
SIEM Query:
source="wordpress.log" AND ("age_gate" OR "tp_age_gate") AND ("script" OR "onclick" OR "javascript:")🔗 References
- https://plugins.trac.wordpress.org/browser/the-plus-addons-for-elementor-page-builder/tags/5.5.0/modules/widgets/tp_age_gate.php?annotate=blame#L2389
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076733%40the-plus-addons-for-elementor-page-builder&new=3076733%40the-plus-addons-for-elementor-page-builder&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d0117436-7a2a-42f3-8c05-75dfddfb9d09?source=cve
- https://plugins.trac.wordpress.org/browser/the-plus-addons-for-elementor-page-builder/tags/5.5.0/modules/widgets/tp_age_gate.php?annotate=blame#L2389
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3076733%40the-plus-addons-for-elementor-page-builder&new=3076733%40the-plus-addons-for-elementor-page-builder&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/d0117436-7a2a-42f3-8c05-75dfddfb9d09?source=cve
