Ars Technica

Hackers exploit WordPress plugin flaw that gives full control of millions of sites

Hackers are actively exploiting a critical vulnerability in a widely used WordPress plugin that gives them the ability to take complete control of millions of sites, researchers said. The ...
Searchenginejournal.com

WordPress Metform Elementor Contact Form Builder Plugin Vulnerability

The U.S. government National Vulnerability Database (NVD) issued an advisory about a vulnerability affecting Metform Elementor Contact Form Builder WordPress plugin that could leak sensitive ...
Searchenginejournal.com

WordPress Elementor Plugin Remote Code Execution Vulnerability

A vulnerability was discovered in Elementor, starting with version 3.6.0, that allows an attacker to upload arbitrary code and stage a full site takeover. The flaw was introduced through a lack of ...
Bleeping Computer

WordPress Elementor plugin bug let attackers hijack accounts on 1M sites

One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege escalation that could allow remote attacks to gain ...
Infosecurity Magazine

Critical Flaws Found in Elementor King Addons Affect 10,000 Sites

The King Addons for Elementor plugin contains two flaws allowing unauthenticated file uploads and privilege escalation ...