CVE-2023-32243

CRITICAL · EXPLOITED IN THE WILD · NUCLEI · LAB

Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation via Arbitrary Password Reset

Title source: llm

Exploitation Summary

CVE-2023-32243 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 9 public exploits from researchers including RandomRobbieBF, Jenderal92, gbrsh. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit targets CVE-2023-32243, an unauthenticated privilege escalation vulnerability in Essential Addons for Elementor (versions 5.4.0-5.7.1). It resets arbitrary user passwords by exploiting improper validation of password reset keys.

Description

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.

Exploits (9)

nomisec WORKING POC 81 stars
by RandomRobbieBF · remote
https://github.com/RandomRobbieBF/CVE-2023-32243

This exploit targets CVE-2023-32243, an unauthenticated privilege escalation vulnerability in Essential Addons for Elementor (versions 5.4.0-5.7.1). It resets arbitrary user passwords by exploiting improper validation of password reset keys.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Essential Addons for Elementor 5.4.0-5.7.1
No auth needed
Prerequisites: Target WordPress site URL · Valid username or email of the target account
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 4 stars
by Jenderal92 · remote
https://github.com/Jenderal92/WP-CVE-2023-32243

This PoC exploits CVE-2023-32243, an authentication bypass vulnerability in WordPress plugins, by resetting user passwords via an AJAX endpoint. It automates the process of retrieving usernames and triggering password resets.

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: WordPress with vulnerable plugins (e.g., Essential Addons for Elementor)
No auth needed
Prerequisites: Target WordPress site with vulnerable plugin · List of target URLs
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 3 stars
by gbrsh · remote
https://github.com/gbrsh/CVE-2023-32243

This exploit targets CVE-2023-32243, an unauthorized account takeover vulnerability in Essential Addons for Elementor. It leverages a nonce bypass to reset the password of any user without authentication.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Essential Addons for Elementor (versions 5.4.0 to 5.7.1)
No auth needed
Prerequisites: Target WordPress site with vulnerable Essential Addons plugin · Knowledge of target username
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 2 stars
by shaoyu521 · remote
https://github.com/shaoyu521/Mass-CVE-2023-32243

This PoC exploits CVE-2023-32243, an authentication bypass vulnerability in Essential Addons for Elementor (versions 5.4.0 to 5.7.1), allowing password reset for arbitrary users via a crafted admin-ajax.php request. It automates version checking, username extraction, nonce retrieval, and password reset.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Essential Addons for Elementor (5.4.0 to 5.7.1)
No auth needed
Prerequisites: Target must have Essential Addons for Elementor plugin installed and vulnerable version · WordPress REST API must be accessible for username enumeration
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 2 stars
by thatonesecguy · remote
https://github.com/thatonesecguy/Wordpress-Vulnerability-Identification-Scripts

This exploit PoC targets CVE-2023-32243, an authentication bypass vulnerability in the Essential Addons for Elementor plugin for WordPress. It automates the process of identifying vulnerable versions, extracting usernames, and resetting passwords to gain unauthorized access.

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Essential Addons for Elementor (WordPress plugin) versions 5.4.0 to 5.7.1
No auth needed
Prerequisites: Target WordPress site with vulnerable plugin version · Network access to the target
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 1 star
by little44n1o · remote
https://github.com/little44n1o/cve-2023-32243

This PoC exploits CVE-2023-32243, a vulnerability in the Essential Addons for Elementor plugin, allowing password reset for arbitrary users via a nonce bypass. It sends a crafted POST request to reset the password of a specified user.

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Essential Addons for Elementor (version not specified)
No auth needed
Prerequisites: valid nonce · target site URL · target username
devstral-2 · analyzed Feb 16, 2026

nomisec WRITEUP
by dev0558 · poc
https://github.com/dev0558/CVE-2023-32243-Detection-and-Mitigation-in-WordPress

This repository is a detailed writeup and demonstration of CVE-2023-32243, a privilege escalation vulnerability in the Essential Addons for Elementor WordPress plugin. It includes environment setup, detection strategies, and mitigation techniques but does not contain exploit code itself.

Classification: Writeup 100%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Essential Addons for Elementor (versions 5.4.0 to 5.7.1)
No auth needed
Prerequisites: WordPress installation with vulnerable plugin version · Network access to the target WordPress site
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by YouGina · poc
https://github.com/YouGina/CVE-2023-32243

This repository contains a proof-of-concept exploit for CVE-2023-32243, targeting a vulnerability in the Akismet plugin for WordPress. The exploit involves JavaScript-based keylogging and input tracking to bypass anti-spam mechanisms.

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Akismet plugin for WordPress
No auth needed
Prerequisites: Access to a WordPress site with the vulnerable Akismet plugin installed
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by manavvedawala2 · remote
https://github.com/manavvedawala2/CVE-2023-32243-proof-of-concept

This PoC exploits CVE-2023-32243, an authentication bypass vulnerability in Essential Addons for Elementor, by resetting user passwords without proper authorization. It automates version checking, username enumeration, nonce extraction, and password reset via admin-ajax.php.

Classification: Working PoC 90%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Essential Addons for Elementor (versions 5.4.0 to 5.7.1)
No auth needed
Prerequisites: WordPress site with vulnerable plugin installed · Access to the target site
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset
CRITICAL · VERIFIED · by DhiyaneshDK, Vikas Kundu

Scores

CVSS v3 9.8
EPSS 0.7652
EPSS Percentile 99.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

VulnCheck KEV 2023-05-18
InTheWild.io 2023-05-27
CWE: CWE-287
Status published
Products (2)
WPDeveloper/Essential Addons for Elementor 5.4.0 - 5.7.1
wpdeveloper/essential_addons_for_elementor 5.4.0 - 5.7.1
Published May 12, 2023
Tracked Since Feb 18, 2026