Update your plugin ASAP to close this security flaw that allows hackers to take over vulnerable websites.
By Matt Binder on
If your website is powered by the WordPress page-builder Elementor, double-check if you're using this popular plugin. Because, if you are, hackers can easily stage a complete takeover of your website thanks to a newly discovered security flaw.
Security researchers at Patchstack have released a new report(opens in a new tab) about a concerning cybersecurity issue related to the WordPress plugin Essential Addons for Elementor. The plugin provides users with an assortment of pre-built WordPress blocks and templates for use when creating or updating their website.
"This plugin suffers from an unauthenticated privilege escalation vulnerability and allows any unauthenticated user to escalate their privilege to that of any user on the WordPress site," writes Patchstack in its report.