The Wordfence Threat Intelligence team announced a vulnerability it found in the Starter Templates – Elementor, Gutenberg & Beaver Builder Templates plugin, which is installed on more than 1 million websites. Versions 2.7.0 and older of the plugin contain the vulnerability, which allows contributor-level users to overwrite any page with malicious JavaScript.
Overwrite with JavaScript
The Wordfence team also stated that it contacted the developer and that the vulnerability was patched in version 2.7.1 a few days later. Wordfence also released a firewall rule to protect its users against possible attacks.
Wordfence stated that a page built with Elementor could be overwritten by an imported block, and the malicious JavaScript in the block would be executed in the browser. This could be used to redirect users to malicious websites, to hijack the admin’s session to create a new malicious administrator, or to add a backdoor.
Timeline:
October 4, 2021 – Wordfence Threat Intelligence finishes our investigation and releases a firewall rule to protect Wordfence Premium customers. We initiate the disclosure process.
October 5, 2021 – The plugin developer responds and we send over full disclosure.
October 7, 2021 – A patched version, 2.7.1, is released.
November 3, 2021 – The firewall rule becomes available to Wordfence free users.
The Wordfence team said,
“In today’s post we covered a vulnerability in the “Starter Templates – Elementor, Gutenberg & Beaver Builder Templates” plugin that allows lower-privileged users, such as Contributors, to overwrite existing posts and pages with arbitrary blocks containing malicious JavaScript.
We strongly recommend updating to the latest version of the plugin available immediately, which is 2.7.5 as of this writing, since it contains additional bug fixes.”