Home
Mapping Frameworks
CVE Home
n/a

CVE CVE-2020-13125 Mappings

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
CVE-2020-13125	n/a	uncategorized	T1189	Drive-by Compromise
CVE-2020-13125	n/a	uncategorized	T1203	Exploitation for Client Execution
CVE-2020-13125	n/a	uncategorized	T1204.002	Malicious File
CVE-2020-13125	n/a	uncategorized	T1499.004	Application or System Exploitation