The Elementor page builder plugin itself patched a similar vulnerability in February 2021. This vulnerability affects add-on plugins for Elementor that are created by third parties.

XSS vulnerability affecting up to +200,000 WordPress installations discovered in Elementor add-on plugin, Jeg Elementor Kit.

Hackers exploit WordPress plugin flaw that gives full control of millions of sites Elementor Pro fixed the vulnerability, but not everyone has installed the patch.

Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin to install backdoors on sites.

A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.

More than 12 million WordPress-sites utilize Elementor. According to the WordPress Plugin Directory, more than 1 million active websites have the Essential Addons for Elementor installed.