CVE-2024-5818
📋 TL;DR
This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into pages using the Royal Elementor Addons plugin's Magazine Grid/Slider widget. When other users view the compromised pages, the scripts execute in their browsers, potentially stealing session cookies or redirecting to malicious sites. All WordPress sites using vulnerable versions of this plugin are affected.
💻 Affected Systems
- Royal Elementor Addons and Templates WordPress plugin
📦 What is this software?
Royal Elementor Addons by Royal Elementor Addons
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator session cookies, take over the WordPress site, deface pages, or redirect visitors to malware distribution sites.
Likely Case
Malicious contributors inject ads, cryptocurrency miners, or phishing forms into pages, compromising user trust and site integrity.
If Mitigated
With proper user role management and content review workflows, only trusted users can create/modify content, limiting exploitation potential.
🎯 Exploit Status
Exploitation requires authenticated access but is straightforward once an attacker has contributor credentials.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.3.981
Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3121073/royal-elementor-addons
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Royal Elementor Addons and Templates'.
4. Click 'Update Now' if available, or manually update to version 1.3.981+.
5. Clear any caching plugins/CDN caches.
🔧 Temporary Workarounds
Disable vulnerable widget
Temporarily disable the Magazine Grid/Slider widget in Elementor settings
Restrict user roles
Temporarily remove contributor role access or require editor approval for all content
🧯 If You Can't Patch
- Implement strict Content Security Policy (CSP) headers to restrict script execution
- Enable WordPress security plugins with XSS protection features
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin → Plugins → Royal Elementor Addons → Version number. If version ≤1.3.980, you are vulnerable.
Check Version:
wp plugin list --name='royal-elementor-addons' --field=version
Verify Fix Applied:
After updating, verify version shows 1.3.981 or higher in WordPress plugins list.
📡 Detection & Monitoring
Log Indicators:
- Unusual content modifications by contributor users
- Multiple page edits in short timeframes
Network Indicators:
- Suspicious script tags in page responses containing 'magazine-grid' or 'magazine-slider' classes
SIEM Query:
source="wordpress.log" AND (widget_id="magazine" OR (action="edit" AND user_role="contributor"))
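A defender-side check for the network indicator above: a scanner that walks a rendered page and reports script tags, inline event handlers and javascript: URLs only when they sit inside an element whose class contains 'magazine-grid' or 'magazine-slider'. This is an added example, not code from the advisory or the plugin; the sample HTML and the class name `wpr-magazine-grid` are constructed for illustration.

```python
"""Scan rendered page HTML for script injection inside Royal Elementor Magazine
Grid/Slider widget markup (CVE-2024-5818). Added example; sample HTML is constructed."""
from html.parser import HTMLParser

WIDGET_MARKERS = ("magazine-grid", "magazine-slider")  # from the advisory's indicators
VOID_TAGS = {"img", "br", "hr", "input", "meta", "link", "source"}  # never closed

class WidgetScriptScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.depth = 0           # depth of the current open element
        self.widget_depths = []  # depths at which magazine widgets opened
        self.findings = []       # (line, description)

    def handle_starttag(self, tag, attrs):
        if tag not in VOID_TAGS:
            self.depth += 1
        attrs = dict(attrs)
        if any(m in (attrs.get("class") or "") for m in WIDGET_MARKERS):
            self.widget_depths.append(self.depth)
        if not self.widget_depths:
            return  # markup outside the widget is out of scope here
        line = self.getpos()[0]
        if tag == "script":
            self.findings.append((line, "script tag"))
        for name, value in attrs.items():
            if name.startswith("on"):
                self.findings.append((line, f"inline handler {name}"))
            elif value and value.strip().lower().startswith("javascript:"):
                self.findings.append((line, f"javascript: URL in {name}"))

    def handle_endtag(self, tag):
        if tag in VOID_TAGS:
            return
        if self.widget_depths and self.widget_depths[-1] == self.depth:
            self.widget_depths.pop()  # the widget container just closed
        self.depth -= 1

def scan_page(html):
    """Return [(line, description), ...] for one rendered page's HTML."""
    scanner = WidgetScriptScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample: two injections inside the widget, one legitimate script outside it.
SAMPLE_HTML = """<div class="elementor-widget wpr-magazine-grid">
<article><h3><a href="/post-1">Benign headline</a><img src="/t.jpg"></h3></article>
<article><h3 onmouseover="alert(1)">Injected</h3><script>/* injected */</script></article>
</div><script src="/wp-includes/js/jquery.js"></script>"""
```

Run it over pages fetched from the site (for example with `curl`) and treat any finding as a candidate for content review; the legitimate theme script outside the widget produces no finding.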
🔗 References
- https://plugins.trac.wordpress.org/changeset/3121073/royal-elementor-addons
- https://www.wordfence.com/threat-intel/vulnerabilities/id/83a0150d-a9fa-4cc2-8fe8-a429747a9964?source=cve