The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites.

XSS vulnerability affecting up to +200,000 WordPress installations discovered in Elementor add-on plugin, Jeg Elementor Kit.

The Plus Addons for Elementor plugin for WordPress has a critical security vulnerability that attackers can exploit to quickly, easily and remotely take over a website. First reported as a zero ...

Hackers exploit WordPress plugin flaw that gives full control of millions of sites Elementor Pro fixed the vulnerability, but not everyone has installed the patch.