Critical WordPress plugin bug lets hackers take over 1M sites

Hackers are actively exploiting two security vulnerabilities in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins with the end goal of remotely executing arbitrary code and fully compromising unpatched targets.

Reports of threat actors attempting to abuse the two bugs in ongoing attacks have surfaced on May 6th as reported by Wordfence’s Threat Intelligence team today.

Attackers can wipe sites after successful exploitation

Elementor Pro is a paid plugin with an estimated number of over 1 million active installations that helps users to easily create WordPress…

More Info


Check Also

First Look at Twenty Twenty-One, WordPress’s Upcoming Default Theme – WordPress Tavern

Fashion is ephemeral. Art is eternal. Indeed what is a fashion really? A fashion is …