Over the last few weeks, critical security vulnerabities were discovered in more than 15 of the most popular addon plugins for popular pagebuilder Elementor – a blow to millions of users dependent on Elementor and it’s ecosystem of addons.

These vulnerabilities (Cross-Site Scripting in nature) are similar to the recently patched vulnerabilities in the main Elementor plugin itself. They allow any user with access to the Elementor editor, to add JavaScript to posts and these could result in the website being taken over in the worst cases.

In general, the addons affected were those that adds additional elements to the page builder. It is strongly recommended to update Elementor and all addons being used on your sites as soon as possible.

For more information, please check the official public release.

If you have questions, don’t hesitate to contact our support team.

People that read this article also liked

Critical Vulnerabilities Found on PageLayer Page Builder Plugin Critical Security Flaw in outdated WooCommerce NAB Transact Plugin WordPress Websites Security Breach – Outbreak of Malicious File Attacks WooCommerce 5.0 Has Landed