CVE ID – CVE-2020-7055
CVSS SCORE – 8.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C)
AFFECTED VENDORS – Elementor
AFFECTED PRODUCTS – Elementor WordPress Plugin
VULNERABILITY DETAILS – The Elementor plugin (version 2.7.4 and below) was found to be vulnerable to arbitrary file upload. Because the application did not handle ZIP files containing directories properly, an attacker could upload PHP files that were executable; this allowed any user able to import templates to execute commands on the underlying server.
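The root cause described above is a template importer that trusted the contents of an uploaded ZIP, so a PHP file nested inside a directory of the archive reached a web-served path. The following Python checker is an added example written for this advisory; it is not Elementor's code, and the allowed extension set, the blocked extension tokens and the sample archives are constructed assumptions. It walks every entry of the archive, nested directories included, and blocks the import if any entry has an unsafe path, is a symbolic link, carries a disallowed or doubled executable extension, so the decision is made before anything is written to disk.

```python
"""Added example: validate a template ZIP before extracting it.

Not Elementor's code. Assumes templates are JSON files; the extension
lists and the sample archives below are constructed for illustration.
"""
import io
import posixpath
import stat
import zipfile

# Assumption: a template export only ever contains JSON files.
ALLOWED_EXTENSIONS = {".json"}
# Assumption: any of these tokens anywhere after the first dot in a file
# name (e.g. "theme.php.json") is rejected, since some server configurations
# hand such names to the PHP interpreter.
BLOCKED_TOKENS = {"php", "php5", "php7", "phps", "phtml", "phar"}


def _is_safe_relative_path(path: str) -> bool:
    """Reject absolute paths, drive letters and '..' traversal components."""
    if not path or path[0] in "/\\" or ":" in path:
        return False
    parts = path.replace("\\", "/").split("/")
    return all(part not in ("", "..") for part in parts)


def find_rejected_entries(zip_bytes: bytes) -> list[tuple[str, str]]:
    """Return (member name, reason) for every entry that must block the import.

    Every member is inspected, whatever directory depth it sits at, which is
    the check the advisory says was missing.
    """
    rejected = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            name = info.filename
            path = name.rstrip("/") if info.is_dir() else name
            if not _is_safe_relative_path(path):
                rejected.append((name, "unsafe path"))
                continue
            if info.is_dir():
                continue  # directory entries create nothing web-servable
            # The upper 16 bits of external_attr hold the Unix mode; a
            # symlink could point the extracted name at an arbitrary file.
            if stat.S_ISLNK(info.external_attr >> 16):
                rejected.append((name, "symbolic link"))
                continue
            basename = posixpath.basename(name)
            ext = posixpath.splitext(basename)[1].lower()
            if ext not in ALLOWED_EXTENSIONS:
                rejected.append((name, f"disallowed extension {ext or '(none)'}"))
                continue
            # Double extensions: "theme.php.json" has an allowed final
            # extension but still carries an executable token.
            tokens = basename.lower().split(".")[1:]
            if any(token in BLOCKED_TOKENS for token in tokens):
                rejected.append((name, "executable extension in name"))
    return rejected


def is_import_safe(zip_bytes: bytes) -> bool:
    """True only if no entry of the archive was rejected."""
    return not find_rejected_entries(zip_bytes)


def _build_zip(entries: dict[str, bytes]) -> bytes:
    """Build an in-memory ZIP from {member name: content} (constructed data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed sample archives, not real Elementor template exports.
GOOD_ARCHIVE = _build_zip({
    "templates/": b"",
    "templates/header.json": b"{}",
    "templates/footer.json": b"{}",
})
BAD_ARCHIVE = _build_zip({
    "templates/header.json": b"{}",
    "templates/assets/shell.php": b"<?php /* placeholder */ ?>",
    "templates/theme.php.json": b"{}",
    "../outside.json": b"{}",
})

if __name__ == "__main__":
    print("good archive safe:", is_import_safe(GOOD_ARCHIVE))
    for member, reason in find_rejected_entries(BAD_ARCHIVE):
        print(f"rejected {member}: {reason}")
```

The checker runs over the central directory only, so nothing from the archive touches the filesystem until the whole archive has passed; an importer that extracts first and deletes offending files afterwards leaves a window in which the file is already executable. In a real deployment the extraction target should also be outside any web-served directory, and an entry count or uncompressed size limit is worth adding to the same loop.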
ADDITIONAL DETAILS – The vendor has released an update to patch this vulnerability. Information can be found here: https://elementor.com/
DISCLOSURE TIMELINE:
28/10/2019 Disclosure to vendor
29/10/2019 Vendor acknowledged vulnerability
29/10/2019 Fix released
CREDIT – Sam Thomas, Kyle Fleming