Security researchers issued an advisory on six unique XSS vulnerabilities discovered in the Elementor Website Builder and its Pro version that may allow attackers to inject malicious scripts.

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025–8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions ...

Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin to install backdoors on sites. Elementor Pro is a WordPress page builder plugin allowing ...

Security researchers at Wordfence discovered a vulnerability on sites built with Elementor. The exploit is a type designated as a Stored Cross-site Scripting (XSS) vulnerability. It has the potential ...

Israeli company Elementor, the developer of a building platform for WordPress websites, has acquired Strattic, a web development and hosting solutions outfit based in Jerusalem, in an all-Israeli deal ...

Threat actors are actively exploiting a security bug in Elementor Pro, a popular WordPress plugin used by over 11 million websites. The security bug allows authenticated users like shop customers or ...