CVE-2022-3805
Published: 22 December 2022
Summary
CVE-2022-3805 is a high-severity Authorization Bypass Through User-Controlled Key (CWE-639) vulnerability in Jegtheme Jeg Elementor Kit. Its CVSS base score is 8.6 (High).
Operationally, ranked in the top 7.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The Jeg Elementor Kit plugin for WordPress is affected by an authorization bypass vulnerability in versions up to and including 2.5.6. The flaw resides in multiple functions responsible for updating plugin settings and permits unauthenticated attackers to leverage a nonce obtainable from pages edited by the plugin, thereby modifying the MailChimp API key, global styles, 404 page settings, and enabled elements. The issue is tracked as CWE-639 and carries a CVSS 3.1 score of 8.6.
Unauthenticated remote attackers can exploit the vulnerability without any user interaction or privileges. Successful exploitation allows them to alter sensitive configuration values, including third-party API credentials and site behavior settings, which can lead to unauthorized data access, content manipulation, or further compromise of the WordPress installation.
Public references point to a patched changeset in the plugin's WordPress repository and an advisory from Wordfence that identify the affected code paths. Site administrators are advised to update Jeg Elementor Kit to a version beyond 2.5.6 through the standard WordPress plugin update mechanism to remediate the authorization checks.
The EPSS score for this CVE rose from a low baseline to a peak of 0.1636 on 2025-12-11 before receding to the current value of 0.0848, indicating that exploitation interest increased after public disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-43146
Vulnerability details
The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited…
more
by the plugin, to update the MailChimp API key, global styles, 404 page settings, and enabled elements.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.