Infosecurity-magazine.com

Essential Addons Plugin Flaw Exposes One Million WordPress Websites

A newly discovered vulnerability in the Essential Addons for Elementor plugin has put over one million WordPress websites at risk of attacks aimed at gaining unauthorized access to user accounts with ...
Searchenginejournal.com

Vulnerabilities in 17+ Elementor Add-on Plugins for WordPress

Wordfence security researchers discovered that virtually every plugin tested that adds functionality to Elementor had a vulnerability. Many of the contacted plugin publishers updated their plugins but ...
Searchenginejournal.com

2M+ WordPress Sites Hit By Essential Addons For Elementor Vulnerability

Two Stored Cross-Site Scripting (XSS) vulnerabilities could allow attackers to inject malicious scripts into WordPress sites XSS vulnerabilities originated with inadequate sanitization and output ...
Bleeping Computer

Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025–8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions ...