Bleeping Computer

WordPress Elementor plugin bug let attackers hijack accounts on 1M sites

One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege escalation that could allow remote attacks to gain ...
Bleeping Computer

Hackers exploit bug in Elementor Pro WordPress plugin

Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin to install backdoors on sites. Elementor Pro is a WordPress page builder plugin allowing ...
Searchenginejournal.com

2M+ WordPress Sites Hit By Essential Addons For Elementor Vulnerability

Two Stored Cross-Site Scripting (XSS) vulnerabilities could allow attackers to inject malicious scripts into WordPress sites XSS vulnerabilities originated with inadequate sanitization and output ...