[ad_1]
Elementor users who haven’t updated recently will want to get on the latest version 3.1.4 as soon as possible. Researchers at Wordfence disclosed a set of stored Cross-Site Scripting (XSS) vulnerabilities in the plugin to its authors in February, which was partially patched at that time and additional fixes were released the second week of March.
Wordfence summarized the vulnerabilities in a post published yesterday, accompanied by a detailed walkthrough of how an attacker might compromise sites using Elementor:
These vulnerabilities allowed any user able to access the…
More Info
