Prime Slider Addons for Elementor Server-Side Request Forgery Vulnerability

Vulnerability

A Server-Side Request Forgery (SSRF) vulnerability has been identified in the Prime Slider – Addons for Elementor plugin for WordPress, affecting all versions through 4.0.9. The vulnerability arises in the import_elementor_template AJAX action, allowing authenticated attackers with subscriber-level access or higher to send web requests to arbitrary locations. This could be exploited to query and modify information from internal services.

Impact

Exploitation of this vulnerability could allow authenticated attackers to make unauthorized requests to internal services, potentially leading to the disclosure or modification of sensitive information.

Reproduction

To reproduce this vulnerability, an authenticated user with subscriber-level access or higher can send a request to the import_elementor_template AJAX action. The request must include a URL pointing to the target internal service. Once the request is processed, the response from the internal service can be accessed, demonstrating the SSRF vulnerability.

Remediation

Users are advised to update the Prime Slider – Addons for Elementor plugin to version 4.1.0 or later, where this vulnerability has been patched.
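
Where the update cannot be applied immediately, a site-side guard can narrow the exposure. The following must-use plugin is an added example, not the vendor's patch or code from the plugin: it rejects the import_elementor_template action for low-privilege users and refuses outbound requests to destinations that WordPress's wp_http_validate_url() rejects while that action is running. The edit_posts capability threshold, the ps_guard_ names and the file location are assumptions.

```php
<?php
/**
 * Plugin Name: Guard import_elementor_template (interim mitigation)
 * Description: Added example, not the vendor's fix. Save under wp-content/mu-plugins/.
 */

const PS_GUARD_ACTION = 'import_elementor_template'; // action name from the advisory
const PS_GUARD_CAP    = 'edit_posts';                // assumed minimum capability

// True only while WordPress is serving the affected AJAX action.
function ps_guard_is_target_request() {
    return wp_doing_ajax()
        && isset( $_REQUEST['action'] )
        && PS_GUARD_ACTION === $_REQUEST['action'];
}

// Priority 0 runs before handlers registered at the default priority (10).
// wp_send_json_error() ends the request, so later handlers never execute.
add_action( 'wp_ajax_' . PS_GUARD_ACTION, function () {
    if ( ! current_user_can( PS_GUARD_CAP ) ) {
        error_log( sprintf(
            'ps-guard: blocked %s for user %d',
            PS_GUARD_ACTION,
            get_current_user_id()
        ) );
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }
}, 0 );

// Defense in depth for users who pass the capability check: short-circuit
// any HTTP API request made during this action whose URL fails core's
// validation (loopback and private ranges, non-standard ports, bad schemes).
add_filter( 'pre_http_request', function ( $preempt, $args, $url ) {
    if ( ps_guard_is_target_request() && ! wp_http_validate_url( $url ) ) {
        error_log( 'ps-guard: refused outbound request to ' . esc_url_raw( $url ) );
        return new WP_Error( 'ps_guard_blocked', 'Destination not allowed.' );
    }
    return $preempt;
}, 10, 3 );
```

The error_log entries double as a detection signal for attempts against the action. Remove the guard once the plugin is at 4.1.0 or later.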

Added: Dec 18, 2025, 1:18 PM
Updated: Dec 18, 2025, 3:14 PM