CVE-2022-29455

MEDIUM NUCLEI

Elementor Website Builder <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 7 public exploits for CVE-2022-29455. PoCs published by akhilkoradiya, GULL2100, 0xc4t. A Nuclei detection template is also available.

AI-analyzed exploit summary This PoC demonstrates a Cross-Site Scripting (XSS) vulnerability in WordPress Elementor plugin versions <= 3.5.5. The exploit leverages a maliciously crafted URL to inject JavaScript code via the `frontend.min.js` file.

Description

DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.

Exploits (7)

nomisec WORKING POC 17 stars
by akhilkoradiya · poc
https://github.com/akhilkoradiya/CVE-2022-29455

This PoC demonstrates a Cross-Site Scripting (XSS) vulnerability in WordPress Elementor plugin versions <= 3.5.5. The exploit leverages a maliciously crafted URL to inject JavaScript code via the `frontend.min.js` file.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: WordPress Elementor Plugin <= 3.5.5
No auth needed
Prerequisites: Target running vulnerable version of Elementor plugin
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 4 stars
by GULL2100 · poc
https://github.com/GULL2100/Wordpress_xss-CVE-2022-29455

This PoC exploits a stored XSS vulnerability in Elementor WordPress plugin (CVE-2022-29455) to create an admin user via CSRF. It crafts a malicious payload that, when executed, sends an AJAX request to create a new administrator account.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: Elementor WordPress Plugin (versions affected by CVE-2022-29455)
No auth needed
Prerequisites: Target URL with vulnerable Elementor plugin · Webhook URL for exfiltration
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by 0xc4t · poc
https://github.com/0xc4t/CVE-2022-29455

This repository provides a Proof of Concept (PoC) for CVE-2022-29455, an XSS vulnerability in WordPress Elementor plugin versions <= 3.5.5. The exploit leverages a maliciously crafted URL to trigger a cross-site scripting attack via the plugin's frontend.min.js file.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: WordPress Elementor Plugin <= 3.5.5
No auth needed
Prerequisites: Target running vulnerable version of Elementor plugin
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec SCANNER 2 stars
by abdipranata · poc
https://github.com/abdipranata/CVE-2022-29455

This repository contains a mass scanner for CVE-2022-29455, which targets the Elementor plugin for WordPress. The script checks for vulnerable versions of the plugin by querying the readme.txt file and comparing version numbers.

Classification
Scanner 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Elementor Website Builder plugin for WordPress (versions <= 3.5.5)
No auth needed
Prerequisites: List of target URLs
devstral-2 · analyzed Apr 10, 2026 Full analysis →
nomisec SCANNER 2 stars
by yaudahbanh · poc
https://github.com/yaudahbanh/CVE-2022-29455

This repository contains a mass scanner for CVE-2022-29455, which targets vulnerable versions of the Elementor plugin for WordPress. The script checks for the presence of the plugin and its version to determine vulnerability status.

Classification
Scanner 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Elementor Website Builder plugin for WordPress (versions <= 3.5.5)
No auth needed
Prerequisites: List of target URLs
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by tucommenceapousser · poc
https://github.com/tucommenceapousser/CVE-2022-29455

This repository contains a proof-of-concept exploit for CVE-2022-29455, a stored XSS vulnerability in WordPress Elementor plugin versions <= 3.5.5. The exploit leverages the `elementor-action` URL parameter to inject malicious JavaScript payloads, which can create an administrator account via CSRF.

Classification
Working Poc 95%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: WordPress Elementor Plugin <= 3.5.5
No auth needed
Prerequisites: Target running vulnerable Elementor plugin · Ability to trick an admin into clicking a crafted URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec SCANNER
by tucommenceapousser · poc
https://github.com/tucommenceapousser/CVE-2022-29455-mass

This repository contains a mass scanner for CVE-2022-29455, which targets vulnerable versions of the Elementor plugin for WordPress. The script checks for the presence of the plugin and its version to determine vulnerability status.

Classification
Scanner 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Elementor Website Builder plugin for WordPress (versions <= 3.5.5)
No auth needed
Prerequisites: List of target URLs
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (2)

WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting
MEDIUMVERIFIEDby rotembar,daffainfo
WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting
MEDIUMVERIFIEDby rotembar,daffainfo

References (3)

Core 3

Scores

CVSS v3 4.7
EPSS 0.2318
EPSS Percentile 97.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (2)
Elementor/Elementor Website Builder (WordPress plugin) <= 3.5.5 - 3.5.5
elementor/website_builder < 3.5.5
Published Jun 13, 2022
Tracked Since Feb 18, 2026