{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-7284/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":9.8,"id":"CVE-2026-7284"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Easy Elements for Elementor – Addons \u0026 Website Templates plugin"],"_cs_severities":["critical"],"_cs_tags":["privilege-escalation","wordpress","cve-2026-7284"],"_cs_type":"advisory","_cs_vendors":["Wordpress"],"content_html":"\u003cp\u003eThe Easy Elements for Elementor – Addons \u0026amp; Website Templates plugin for WordPress, versions up to and including 1.4.4, contains a privilege escalation vulnerability (CVE-2026-7284). The vulnerability resides in the \u0026lsquo;easyel_handle_register\u0026rsquo; function, which fails to properly validate or restrict user roles assigned during registration. This oversight allows unauthenticated attackers to register new accounts with administrative privileges, effectively granting them full control over the affected WordPress site. 
The vulnerability was reported by Wordfence.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn unauthenticated attacker sends a registration request to the WordPress site.\u003c/li\u003e\n\u003cli\u003eThe registration request is directed to the \u0026lsquo;easyel_handle_register\u0026rsquo; function within the Easy Elements for Elementor plugin.\u003c/li\u003e\n\u003cli\u003eThe attacker includes the \u0026lsquo;administrator\u0026rsquo; role in the registration data.\u003c/li\u003e\n\u003cli\u003eThe \u0026lsquo;easyel_handle_register\u0026rsquo; function processes the registration request without proper validation of the requested user role.\u003c/li\u003e\n\u003cli\u003eA new user account is created with the \u0026lsquo;administrator\u0026rsquo; role.\u003c/li\u003e\n\u003cli\u003eThe attacker logs in to the WordPress site using the newly created administrator account.\u003c/li\u003e\n\u003cli\u003eThe attacker has complete control over the WordPress site.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7284 allows unauthenticated attackers to gain full administrative control over a WordPress website. This could lead to complete compromise, including arbitrary code execution via plugin or theme modification, data exfiltration, defacement, or denial of service. 
Given the widespread use of WordPress and the Elementor plugin, a large number of websites are potentially vulnerable.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade the Easy Elements for Elementor – Addons \u0026amp; Website Templates plugin to the latest version, which contains a fix for CVE-2026-7284.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect WordPress Administrator Registration\u003c/code\u003e to identify registration attempts with the administrator role.\u003c/li\u003e\n\u003cli\u003eMonitor WordPress user registration logs for suspicious activity and unexpected administrator account creation.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-20T02:18:13Z","date_published":"2026-05-20T02:18:13Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-7284-wordpress-privesc/","summary":"The Easy Elements for Elementor plugin for WordPress is vulnerable to privilege escalation (CVE-2026-7284) due to unrestricted user role assignment during registration, allowing unauthenticated attackers to gain administrator access.","title":"CVE-2026-7284 - Easy Elements for Elementor WordPress Plugin Privilege Escalation","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-7284-wordpress-privesc/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-7284","version":"https://jsonfeed.org/version/1.1"}