10,000 Sites Affected by Serious Flaws in Elementor King Addons
A popular WordPress Elementor plugin used to build pricing tables, sliders, contact forms, and login flows has been found to contain serious vulnerabilities.
Two critical, unauthenticated flaws in the King Addons for Elementor plugin, which is installed on more than 10,000 websites, can lead to a complete site takeover.
Two readily exploitable vulnerabilities were revealed by recent Patchstack research:
- CVE-2025-6327 is an unauthenticated arbitrary file upload vulnerability that lets hackers upload files to directories that are accessible over the internet.
- CVE-2025-6325 is a vulnerability in the registration endpoint that allows accounts to be created with arbitrary roles.
The upload vulnerability stems from an AJAX handler whose nonce is exposed to every visitor through localized script data, so an unauthenticated user can trigger the upload call.
Validation also failed on two counts: the allowed_file_types parameter could be altered to let unwanted files into wp-content/uploads/king-addons/forms/, and the file_validity() method returned a non-empty string for invalid file types rather than false.
The privilege escalation issue came from a registration handler that accepted client-supplied roles. With site registration enabled and the King Addons Register widget present, an attacker could create a full administrator account by POSTing action=king_addons_user_register with user_role=administrator.
The vendor fixed the flaws across two separate releases.
Important enhancements include:
- A role allowlist and input sanitization that restrict new accounts to safe roles such as subscriber and customer.
- The upload handler now strictly enforces file type validation and requires the correct permission (upload_files).
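To make the two bug classes above concrete, here is an added illustration of what the described fixes look like in a WordPress AJAX handler. This is not King Addons code; the hook and function names (example_user_register, example_form_upload, example_file_is_valid) are hypothetical, while the WordPress API calls are real.

```php
<?php
// Added illustration, not King Addons code; hook/function names are hypothetical.
const EXAMPLE_SAFE_ROLES = [ 'subscriber', 'customer' ]; // roles a public form may assign
// Registration: the role comes from the allowlist, never straight from the request.
function example_user_register() {
    check_ajax_referer( 'example_register', 'nonce' );
    if ( ! get_option( 'users_can_register' ) ) {
        wp_send_json_error( 'Registration is disabled.', 403 );
    }
    $requested = sanitize_key( wp_unslash( $_POST['user_role'] ?? 'subscriber' ) );
    $role      = in_array( $requested, EXAMPLE_SAFE_ROLES, true ) ? $requested : 'subscriber';
    $user_id   = wp_insert_user( [
        'user_login' => sanitize_user( wp_unslash( $_POST['user_login'] ?? '' ) ),
        'user_email' => sanitize_email( wp_unslash( $_POST['user_email'] ?? '' ) ),
        'user_pass'  => (string) ( $_POST['user_pass'] ?? '' ),
        'role'       => $role,
    ] );
    if ( is_wp_error( $user_id ) ) {
        wp_send_json_error( $user_id->get_error_message(), 400 );
    }
    wp_send_json_success( [ 'id' => $user_id, 'role' => $role ] );
}
add_action( 'wp_ajax_nopriv_example_user_register', 'example_user_register' );
// Validity check returns a strict bool: a non-empty string for a bad type
// (the defect the article describes) reads as "valid" in a truthy check.
function example_file_is_valid( string $filename, array $allowed ): bool {
    $ext = strtolower( pathinfo( $filename, PATHINFO_EXTENSION ) );
    return $ext !== '' && in_array( $ext, $allowed, true );
}
// Upload: capability check, and the allowlist is fixed server-side rather than
// read from an allowed_file_types request parameter.
function example_form_upload() {
    check_ajax_referer( 'example_upload', 'nonce' );
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'Insufficient permissions.', 403 );
    }
    $name = sanitize_file_name( $_FILES['file']['name'] ?? '' );
    if ( ! example_file_is_valid( $name, [ 'pdf', 'png', 'jpg' ] ) ) {
        wp_send_json_error( 'File type not allowed.', 400 );
    }
    $moved = wp_handle_upload( $_FILES['file'], [ 'test_form' => false ] ); // re-checks real MIME type
    if ( isset( $moved['error'] ) ) {
        wp_send_json_error( $moved['error'], 400 );
    }
    wp_send_json_success( [ 'url' => $moved['url'] ] );
}
add_action( 'wp_ajax_example_form_upload', 'example_form_upload' );
```

Note that the nonce check alone would not have closed the upload hole, since the article states the nonce was handed to every visitor; the capability check and the server-side allowlist are what actually gate the action.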
Site administrators should update the plugin to version 51.1.37 immediately and check whether the “King Addons Login | Register Form” widget is active on any page.
The patched release fixes both the privilege escalation and the file upload vulnerability, substantially reducing the likelihood of a full site compromise.
According to Patchstack, “both vulnerabilities require no authentication and are trivially exploitable under common configurations.”
“It is highly advised that patches be applied immediately.”
About The Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blogs, he also writes for brands including Craw Security, Bytecode Security, and NASSCOM.

