CVE-2021-24175
CRITICAL EXPLOITED IN THE WILD NUCLEIThe Plus Addons for Elementor < 4.1.7 - Unauthenticated Authentication Bypass
Title source: llmExploitation Summary
CVE-2021-24175 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). A Nuclei detection template is also available.
Description
The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.7 was being actively exploited to by malicious actors to bypass authentication, allowing unauthenticated users to log in as any user (including admin) by just providing the related username, as well as create accounts with arbitrary roles, such as admin. These issues can be exploited even if registration is disabled, and the Login widget is not active.
Nuclei Templates (1)
The Plus Addons for Elementor Page Builder < 4.1.7 - Authentication Bypass
CRITICALVERIFIEDby pussycat0x
FOFA:
body="/wp-content/plugins/the-plus-addons-for-elementor-page-builder/"
References (3)
Core 3
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://wpscan.com/vulnerability/c311feef-7041-4c21-9525-132b9bd32f89
Third Party Advisory x_refsource_misc
https://www.wordfence.com/blog/2021/03/critical-0-day-in-the-plus-addons-for-elementor-allows-site-takeover/
Broken Link x_refsource_misc
https://posimyth.ticksy.com/ticket/2713734/
Scores
CVSS v3
9.8
EPSS
0.1446
EPSS Percentile
96.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2021-03-08
InTheWild.io
2021-04-09
CWE
CWE-287
Status
published
Products (1)
posimyth/the_plus_addons_for_elementor
< 4.1.7
Published
Apr 05, 2021
Tracked Since
Feb 18, 2026