Bleeping Computer

Critical flaw in Elementor WordPress plugin may affect 500k sites

The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites.
Threat Post

Cyberattackers Exploiting Critical WordPress Plugin Bug

The security hole in the Plus Addons for Elementor plugin was used in active zero-day attacks prior to a patch being issued. The Plus Addons for Elementor plugin for WordPress has a critical security ...
Infosecurity-magazine.com

RCE Vulnerability Found in RomethemeKit For Elementor Plugin

A severe security flaw in the popular RomethemeKit For Elementor WordPress plugin has been identified and patched. The issue, which could allow Remote Code Execution (RCE), has been fixed in version 1 ...
Searchenginejournal.com

WordPress Elementor Plugin Remote Code Execution Vulnerability

A vulnerability was discovered in Elementor, starting with version 3.6.0, that allows an attacker to upload arbitrary code and stage a full site takeover. The flaw was introduced through a lack of ...
Searchenginejournal.com

Elementor WordPress Plugin Hit By 6 Vulnerabilities

Security researchers issued an advisory on six unique XSS vulnerabilities discovered in the Elementor Website Builder and its Pro version that may allow attackers to inject malicious scripts.