Bleeping Computer

Hackers exploit bug in Elementor Pro WordPress plugin

Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin to install backdoors on sites. Elementor Pro is a WordPress page builder plugin allowing ...
Searchenginejournal.com

Vulnerabilities in 17+ Elementor Add-on Plugins for WordPress

Wordfence security researchers discovered that virtually every plugin tested that adds functionality to Elementor had a vulnerability. Many of the contacted plugin publishers updated their plugins but ...
Bleeping Computer

Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025–8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions ...
Searchenginejournal.com

WordPress Elementor Widgets Add-On Vulnerability

The patch fixed an issue that could lead to a Stored Cross-Site Scripting exploit that allows an attacker to upload malicious files to a website server where it can be activated when a user visits the ...
The Hindu

Hackers exploit security bug in a WordPress plugin used by 11 million websites

Threat actors are actively exploiting a security bug in Elementor Pro, a popular WordPress plugin used by over 11 million websites. The security bug allows authenticated users like shop customers or ...