WordPress Elementor Plugin Ecosystem Riddled By Vulnerabilities

April 29, 2022 | | Updated: November 01, 2022

Elementor is a popular Plugin Page Builder developers worldwide choose to create unique professional WordPress websites easily. The plugin has been rocked recently by critical security vulnerabilities. The flaws are detected in more than 15 popular addon plugins for Elementor and have critically impacted millions of users who created websites on the platform and its addon ecosystem. These Cross-Site Scripting vulnerabilities resemble the recently patched vulnerabilities in the main Elementor plugin. The flaw allows hackers with access to Elementor editor to add JavaScript to posts resulting in websites getting taken over by cyber attackers. The addons that add additional elements to the page builder are affected. The company has recommended its users to update Elementor and its addons as soon as possible to deflect the attacks.