Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for ...
Searchenginejournal.com

WordPress Ultimate Addons for Elementor Vulnerability Affects +1 Million

The publishers of the Ultimate Addons for Elementor plugin notified customers of a vulnerability affecting two of their plugins. The two affected plugins are addons for the popular Elementor page ...
Infosecurity-magazine.com

Essential Addons for Elementor XSS Vulnerability Discovered

A critical security vulnerability in Essential Addons for Elementor has been identified, potentially impacting over two million WordPress websites. The flaw, a reflected cross-site scripting (XSS) ...
Searchenginejournal.com

2M+ WordPress Sites Hit By Essential Addons For Elementor Vulnerability

Two Stored Cross-Site Scripting (XSS) vulnerabilities could allow attackers to inject malicious scripts into WordPress sites XSS vulnerabilities originated with inadequate sanitization and output ...
Bleeping Computer

Hackers target vulnerable Wordpress Elementor plugin after PoC released

Website owners using the 'Essential Addons for Elementor' plugin are advised to apply the available security update by installing version 5.7.2 or later immediately. "Considering how easily this ...
Mashable

This WordPress plugin for Elementor leaves websites vulnerable to hackers

A popular plugin for WordPress website builder Elementor has a serious security flaw. Credit: Filip Radwanski/SOPA Images/LightRocket via Getty Images If your website is powered by the WordPress ...