CVE-2024-4275
📋 TL;DR
This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into pages using the Interactive Circle widget. The scripts execute whenever users view the compromised pages, enabling attackers to steal cookies, redirect users, or perform other malicious actions. All WordPress sites using the Essential Addons for Elementor plugin up to version 5.9.19 are affected.
💻 Affected Systems
- Essential Addons for Elementor WordPress plugin
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator session cookies, take over the WordPress site, install backdoors, or redirect users to phishing/malware sites.
Likely Case
Attackers with contributor access inject malicious scripts to steal user cookies/sessions, deface pages, or redirect users to malicious content.
If Mitigated
With proper user role management and content review, impact is limited to defacement or minor data leakage from lower-privileged users.
🎯 Exploit Status
Exploitation requires contributor-level WordPress access. The vulnerability is well-documented with public proof-of-concept available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.9.20
Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3083162/essential-addons-for-elementor-lite/tags/5.9.20/includes/Elements/Interactive_Circle.php
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Essential Addons for Elementor'.
4. Click 'Update Now' if available, or download version 5.9.20+ from WordPress.org.
5. Activate the updated plugin.
🔧 Temporary Workarounds
Disable Interactive Circle Widget
Temporarily disable the vulnerable widget until patching is possible.
Navigate to Elementor → Settings → Advanced → Disable 'Interactive Circle' widget
Restrict Contributor Access
Temporarily remove contributor-level access from untrusted users.
Navigate to Users → Edit User → Change Role to 'Subscriber' for untrusted contributors
🧯 If You Can't Patch
- Implement strict user role management - only grant contributor access to trusted users
- Enable WordPress content review workflows to audit all contributor submissions before publishing
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Essential Addons for Elementor → Version number. If version is 5.9.19 or lower, you are vulnerable.
Check Version:
wp plugin list --name='essential-addons-for-elementor' --field=version
Verify Fix Applied:
After updating, verify the plugin version shows 5.9.20 or higher in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to wp-admin/post.php with Interactive Circle widget parameters
- Multiple page edits by contributor-level users in short timeframes
Network Indicators:
- Script tags with unusual attributes in page responses
- External script loads from unexpected domains in page content
SIEM Query:
source="wordpress.log" AND ("Interactive_Circle" OR "ea-interactive-circle") AND (POST OR UPDATE)
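As an added example (not part of the advisory and not the plugin's own code), a small Python detector that applies the two log indicators above to constructed audit-log lines. The key=value log layout, the user and role fields, and the burst threshold are assumptions for the example; ordinary web-server access logs do not record the WordPress role, so in practice this input would come from an audit-log plugin or SIEM enrichment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit-log lines. The key=value layout is an assumption
# for this example, not a real WordPress or web-server log format.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z user=alice role=contributor method=POST path=/wp-admin/post.php widget=ea-interactive-circle
2024-05-01T10:00:40Z user=alice role=contributor method=POST path=/wp-admin/post.php widget=ea-interactive-circle
2024-05-01T10:01:15Z user=alice role=contributor method=POST path=/wp-admin/post.php widget=ea-interactive-circle
2024-05-01T10:01:50Z user=alice role=contributor method=POST path=/wp-admin/post.php widget=ea-interactive-circle
2024-05-01T11:30:00Z user=bob role=administrator method=POST path=/wp-admin/post.php widget=ea-interactive-circle
2024-05-01T12:00:00Z user=carol role=contributor method=GET path=/wp-admin/post.php widget=-
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) role=(?P<role>\S+) method=(?P<method>\S+) "
    r"path=(?P<path>\S+) widget=(?P<widget>\S+)$"
)
WIDGET_MARKERS = ("interactive_circle", "ea-interactive-circle")  # names from the SIEM query

def parse_events(log_text):
    """Parse lines into dicts; lines that do not match the assumed layout are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
            events.append(ev)
    return events

def detect(log_text, burst_count=3, burst_window=timedelta(minutes=5)):
    """Return (rule, user, detail) alerts for the two log indicators listed above."""
    alerts, edits_by_contributor = [], defaultdict(list)
    for ev in parse_events(log_text):
        if ev["method"] != "POST" or ev["path"] != "/wp-admin/post.php":
            continue  # only page edits matter for these indicators
        if any(mark in ev["widget"].lower() for mark in WIDGET_MARKERS):
            alerts.append(("widget_post", ev["user"], f"role={ev['role']} at {ev['ts'].isoformat()}"))
        if ev["role"] == "contributor":
            edits_by_contributor[ev["user"]].append(ev["ts"])
    for user, times in edits_by_contributor.items():
        times.sort()  # sliding window: burst_count edits inside burst_window (threshold assumed)
        if any(times[i + burst_count - 1] - times[i] <= burst_window
               for i in range(len(times) - burst_count + 1)):
            alerts.append(("edit_burst", user, f"{burst_count}+ edits within {burst_window}"))
    return alerts
```

Run `detect(SAMPLE_LOG)` to see one `widget_post` alert per matching edit (the administrator's edit is reported with its role so a reviewer can deprioritise it) and one `edit_burst` alert for the contributor who edited four times in under two minutes.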
🔗 References
- https://plugins.trac.wordpress.org/changeset/3083162/essential-addons-for-elementor-lite/tags/5.9.20/includes/Elements/Interactive_Circle.php
- https://www.wordfence.com/threat-intel/vulnerabilities/id/91f50b65-f001-4c73-bfe3-1aed3fc10d26?source=cve