Bleeping Computer

Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025–8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions ...
Bleeping Computer

Hackers exploit bug in Elementor Pro WordPress plugin

Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin to install backdoors on sites. Elementor Pro is a WordPress page builder plugin allowing ...
The Times of Israel

WordPress site builder Elementor buys Strattic in all-Israeli deal

Israeli company Elementor, the developer of a building platform for WordPress websites, has acquired Strattic, a web development and hosting solutions outfit based in Jerusalem, in an all-Israeli deal ...
Searchenginejournal.com

WordPress Elementor Vulnerability Affects +7 Million

Security researchers at Wordfence discovered a vulnerability on sites built with Elementor. The exploit is a type designated as a Stored Cross-site Scripting (XSS) vulnerability. It has the potential ...
Ars Technica

Hackers exploit WordPress plugin flaw that gives full control of millions of sites

Hackers are actively exploiting a critical vulnerability in a widely used WordPress plugin that gives them the ability to take complete control of millions of sites, researchers said. The ...