CVE-2023-3779
CVSS Score
V3.1EPSS Score
v2023.03.01There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
The Essential Addons For Elementor plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 5.8.1 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to obtain a site's MailChimp API key. We recommend resetting any MailChimp API keys if running a vulnerable version of this plugin with the MailChimp block enabled as the API key may have been compromised. This only affects sites running the premium version of the plugin and that have the Mailchimp block enabled on a page.
Available Exploits
Related News
Affected Products
Affected Versions:
WordPress Vulnerability
Identified and analyzed by Wordfence
Software Type
Patch Status
Published
Software Details
Software Name
Essential Addons for Elementor – Popular Elementor Addon With Ready Templates, Advanced Widgets, Kits & WooCommerce Builders
Software Slug
essential-addons-for-elementor-lite
Affected Versions
Patched Versions
Remediation
Update to version 5.8.2, or a newer patched version
© Defiant Inc. Data provided by Wordfence.