Elementor Patches XSS Vulnerabilities Affecting 7 Million WordPress Sites – WordPress Tavern

Elementor users who haven’t updated recently will want to get on the latest version 3.1.4 as soon as possible. Researchers at Wordfence disclosed a set of stored Cross-Site Scripting (XSS) vulnerabilities in the plugin to its authors in February, which was partially patched at that time and additional fixes were released the second week of March.

Wordfence summarized the vulnerabilities in a post published yesterday, accompanied by a detailed walkthrough of how an attacker might compromise sites using Elementor:

These vulnerabilities allowed any user able to access the…


More Info

About mblog.my

Check Also

The WordPress Community Comes Together in Taipei – WordPress.com News

The WordPress Community Comes Together in Taipei – WordPress.com News

Taking a look at WordPress.com’s presence at WordCamp Asia 2024 in Taipei, Taiwan. This year’s …

Leave a Reply

Your email address will not be published. Required fields are marked *