CVE-2020-20634
First published: Fri Aug 21 2020(Updated: )
Elementor 2.9.5 and below WordPress plugin allows authenticated users to activate its safe mode feature. This can be exploited to disable all security plugins on the blog.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Elementor Website Builder WordPress | <=2.9.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for Elementor WordPress plugin?
The vulnerability ID for Elementor WordPress plugin is CVE-2020-20634.
What is the impact of CVE-2020-20634?
CVE-2020-20634 allows authenticated users to activate the safe mode feature and disable all security plugins on the blog.
What is the severity level of CVE-2020-20634?
The severity level of CVE-2020-20634 is medium, with a severity value of 6.5.
How can the safe mode feature in Elementor plugin be exploited?
Authenticated users can exploit the safe mode feature in Elementor plugin to disable all security plugins on the blog.
Is there a fix available for CVE-2020-20634?
Yes, a fix has been released for CVE-2020-20634. It is recommended to update to a version above 2.9.5 of the Elementor plugin.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/event
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/elementor
- canonical/elementor website builder wordpress
- version/elementor website builder wordpress/2.9.5