Bleeping Computer

WordPress Elementor plugin bug let attackers hijack accounts on 1M sites

One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege escalation that could allow remote attacks to gain ...
Searchenginejournal.com

Vulnerabilities in 17+ Elementor Add-on Plugins for WordPress

Wordfence security researchers discovered that virtually every plugin tested that adds functionality to Elementor had a vulnerability. Many of the contacted plugin publishers updated their plugins but ...
Searchenginejournal.com

Elementor WordPress Contact Form Plugin Vulnerability Exposes Up To 200,000 Sites

A stored XSS vulnerability is one in which a website fails to properly secure an input, like a submission form, which allows a hacker to upload a malicious script to the server. The script is then ...
Threat Post

Cyberattackers Exploiting Critical WordPress Plugin Bug

The security hole in the Plus Addons for Elementor plugin was used in active zero-day attacks prior to a patch being issued. The Plus Addons for Elementor plugin for WordPress has a critical security ...
Bleeping Computer

Critical flaw in Elementor WordPress plugin may affect 500k sites

The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites.
TechCrunch

Elementor raises $15M for its WordPress website builder

WordPress has become so ubiquitous, it’s easy to forget that it still drives a huge ecosystem of startups that build tools and services around the platform. One of these is Elementor, a graphical ...