Cyber Resilience

CVE-2022-3805

HighPublic PoC

Published: 22 December 2022

Published
22 December 2022
Modified
08 April 2026
KEV Added
Patch
CVSS Score v3.1 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
EPSS Score 0.0848 92.5th percentile
Risk Priority 22 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-3805 is a high-severity Authorization Bypass Through User-Controlled Key (CWE-639) vulnerability in Jegtheme Jeg Elementor Kit. Its CVSS base score is 8.6 (High).

Operationally, ranked in the top 7.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

The Jeg Elementor Kit plugin for WordPress is affected by an authorization bypass vulnerability in versions up to and including 2.5.6. The flaw resides in multiple functions responsible for updating plugin settings and permits unauthenticated attackers to leverage a nonce obtainable from pages edited by the plugin, thereby modifying the MailChimp API key, global styles, 404 page settings, and enabled elements. The issue is tracked as CWE-639 and carries a CVSS 3.1 score of 8.6.

Unauthenticated remote attackers can exploit the vulnerability without any user interaction or privileges. Successful exploitation allows them to alter sensitive configuration values, including third-party API credentials and site behavior settings, which can lead to unauthorized data access, content manipulation, or further compromise of the WordPress installation.

Public references point to a patched changeset in the plugin's WordPress repository and an advisory from Wordfence that identify the affected code paths. Site administrators are advised to update Jeg Elementor Kit to a version beyond 2.5.6 through the standard WordPress plugin update mechanism to remediate the authorization checks.

The EPSS score for this CVE rose from a low baseline to a peak of 0.1636 on 2025-12-11 before receding to the current value of 0.0848, indicating that exploitation interest increased after public disclosure.

EU & UK References

Vulnerability details

The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited…

more

by the plugin, to update the MailChimp API key, global styles, 404 page settings, and enabled elements.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

jegtheme
jeg elementor kit
≤ 2.5.7

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-639

Per-request decision making makes it harder to bypass authorization using user-controlled keys without proper validation in the decision process.

addresses: CWE-639

Consistent enforcement of approved authorizations makes bypassing via user-controlled keys ineffective.

References