Description
WordPress Plugin Essential Addons for Elementor is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently reset the password of any user, including administrator. WordPress Plugin Essential Addons for Elementor versions 5.4.0 - 5.7.1 are vulnerable.
Remediation
Update to plugin version 5.7.2 or latest
References
https://github.com/RandomRobbieBF/CVE-2023-32243
https://plugins.svn.wordpress.org/essential-addons-for-elementor-lite/trunk/readme.txt
Related Vulnerabilities
MySQL CVE-2019-2784 Vulnerability (CVE-2019-2784)
WordPress Plugin Simple PDF Viewer Cross-Site Scripting (1.9)
WordPress Plugin Booking Privilege Escalation (2.4)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3273)
WordPress Plugin Really Simple Guest Post Local File Inclusion (1.0.6)