The Unlimited Elements for Elementor plugin for WordPress is vulnerable to SQL Injection via the 'data[filter_search]' parameter in the get_cat_addons AJAX action in versions up to and including 2.0.7. This is due to insufficient input sanitization and the use of deprecated escaping functions combined with direct string concatenation in SQL query construction. The vulnerability is exacerbated because the normalizeAjaxInputData() function calls stripslashes() on all user input, removing the protection provided by WordPress's wp_magic_quotes() function. Subsequently, the filter_search parameter is escaped using the deprecated wpdb->_escape() function and then directly concatenated into a LIKE clause without using prepared statements. This makes it possible for authenticated attackers, with Contributor-level access and above (who can obtain a valid nonce through the Elementor editor), to inject arbitrary SQL commands and extract sensitive information from the database.
The Unlimited Elements for Elementor WordPress plugin versions up to 2.0.7 contain a SQL Injection vulnerability in the get_cat_addons AJAX action due to insufficient input sanitization and deprecated escaping functions. Authenticated attackers with Contributor-level access can exploit this vulnerability by manipulating the 'data[filter_search]' parameter to execute arbitrary SQL queries.
يحتوي مكون Unlimited Elements for Elementor للإصدارات حتى 2.0.7 على ثغرة حقن SQL في إجراء AJAX get_cat_addons بسبب عدم كفاية تطهير المدخلات واستخدام وظائف هروب مهملة. يمكن للمهاجمين المصرح لهم بمستوى المساهم والأعلى استغلال هذه الثغرة من خلال معالجة معامل filter_search لتنفيذ استعلامات SQL عشوائية والوصول إلى بيانات قاعدة البيانات الحساسة.
The Unlimited Elements for Elementor WordPress plugin versions up to 2.0.7 contain a SQL Injection vulnerability in the get_cat_addons AJAX action due to insufficient input sanitization and deprecated escaping functions. Authenticated attackers with Contributor-level access can exploit this vulnerability by manipulating the 'data[filter_search]' parameter to execute arbitrary SQL queries.
Update the Unlimited Elements for Elementor plugin to version 2.0.8 or later immediately. Implement prepared statements using wpdb->prepare() for all database queries. Remove reliance on deprecated escaping functions and use WordPress's built-in sanitization and escaping functions. Restrict AJAX action access to necessary user roles and implement additional nonce verification.
قم بتحديث مكون Unlimited Elements for Elementor إلى الإصدار 2.0.8 أو أحدث فوراً. قم بتنفيذ بيانات معدة باستخدام wpdb->prepare() لجميع استعلامات قاعدة البيانات. أزل الاعتماد على وظائف الهروب المهملة واستخدم وظائف التطهير والهروب المدمجة في WordPress. قيد وصول إجراء AJAX للأدوار المستخدم الضرورية وقم بتنفيذ التحقق الإضافي من nonce.