Threat Post

WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover

Severe CSRF to XSS bugs open the door to code execution and complete website compromise. Page Builder by SiteOrigin, a WordPress plugin with a million active installs that’s used to build websites via ...
Threat Post

WordPress Plugin Bug in Popup Builder Threatens 100K Websites

The high-severity flaw allows malicious code injection into website pop-up windows. Two vulnerabilities – including a high-severity flaw – have been patched in a popular WordPress plugin called Popup ...
ZDNet

WordPress plugin Page Builder by SiteOrigin patched against code execution attacks

Developed by Greg Priday, Page Builder by SiteOrigin is a drag-and-drop page creation plugin used for creating mobile-ready content. The software is actively installed on over one million websites.
Searchenginejournal.com

WordPress Metform Elementor Contact Form Builder Plugin Vulnerability

The U.S. government National Vulnerability Database (NVD) issued an advisory about a vulnerability affecting Metform Elementor Contact Form Builder WordPress plugin that could leak sensitive ...
Bleeping Computer

WordPress plugin bugs can let hackers take over almost 1M sites

Two high severity vulnerabilities found in the Page Builder WordPress plugin installed on more than 1,000,000 sites can let hackers create new admin accounts, plant backdoors, and ultimately take over ...

Another major WordPress add-on security flaw could affect 10,000 sites - find out if you're affected

King Addons for Elementor, a commercial WordPress plugin that extends the Elementor page builder with extra website builder widgets, templates, and design features, carried two critical-level ...