WordPress Elementor plugin <= 3.18.3 – Authenticated Stored Cross-Site Scripting via get_image_alt vulnerability
Wesley (wcraft) identified and brought to attention a Cross Site Scripting (XSS) vulnerability present in the WordPress Elementor Website Builder Plugin. Exploiting this flaw could empower a malicious actor to insert harmful scripts, such as redirects, advertisements, and various HTML payloads, into your website. These scripts would then be executed when visitors access your site. The identified vulnerability has been addressed and resolved in version 3.19.0.
The Elementor Website Builder, a WordPress plugin that goes beyond conventional page building, exhibits a vulnerability to Reflected Cross-Site Scripting through the $instance[alt] parameter within the get_image_alt function. This vulnerability exists in all versions up to and including 3.18.3, stemming from inadequate input sanitization and output escaping. Consequently, authenticated attackers with contributor access or higher could potentially inject arbitrary web scripts into pages. The execution of these scripts relies on successfully deceiving a user into taking actions like clicking on a link.
The Elementor Website Builder, a WordPress plugin that goes beyond conventional page building, exhibits a vulnerability to Reflected Cross-Site Scripting through the $instance[alt] parameter within the get_image_alt function. This vulnerability exists in all versions up to and including 3.18.3, stemming from inadequate input sanitization and output escaping. Consequently, authenticated attackers with contributor access or higher could potentially inject arbitrary web scripts into pages. The execution of these scripts relies on successfully deceiving a user into taking actions like clicking on a link.