10,000 WordPress sites still vulnerable due to vulnerability in Elementor add-on


WordPress sites that are not updated with the latest security feature are vulnerable to attack. The sites use The Plus Addons for Elementor, which is a page builder that takes the place of the standard WordPress editor and adds all kinds of additional features to your website.


More than 30,000 WordPress sites are said to be using the Plus Addons plugin, which adds various widgets for registering and logging in users. One of these widgets contains a vulnerability. This vulnerability was rated 9.8 in severity on a scale of 1 to 10.


A patch was released on March 9th by the developers of the add-on. According to security company Wordfence , almost sixty percent of websites have already installed it. At least ten thousand websites have not done so, and they are at risk.


Wordfence claims it has observed millions of attacks where attackers targeted the vulnerability in The Plus Addons. Once attackers have compromised a website, they add JavaScript, among other things, that redirects visitors to rogue websites.

Previous Post Next Post