The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites.

Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin to install backdoors on sites. Elementor Pro is a WordPress page builder plugin allowing ...

A vulnerability was discovered in Elementor, starting with version 3.6.0, that allows an attacker to upload arbitrary code and stage a full site takeover. The flaw was introduced through a lack of ...

Threat actors are actively exploiting a security bug in Elementor Pro, a popular WordPress plugin used by over 11 million websites. The security bug allows authenticated users like shop customers or ...

A critical security vulnerability in Essential Addons for Elementor has been identified, potentially impacting over two million WordPress websites. The flaw, a reflected cross-site scripting (XSS) ...

The United States National Vulnerability Database published an advisory of an XSS vulnerability affecting the popular Metform Elementor Contact Form Builder, which exposes over 200,000 active installs ...

Hackers are actively exploiting a critical vulnerability in a widely used WordPress plugin that gives them the ability to take complete control of millions of sites, researchers said. The ...

A severe security flaw in the popular RomethemeKit For Elementor WordPress plugin has been identified and patched. The issue, which could allow Remote Code Execution (RCE), has been fixed in version 1 ...