We shouldn’t need to say, “Check your inputs!” these days, but we’re saying it anyway.
If you run a WordPress site and you use the Elementor website creation toolkit, you could be at risk of a security hole that combines data leakage and remote code execution.
That’s if you use a plugin called Essential Addons for Elementor, which is a popular tool for adding visual features such as timelines, image galleries, ecommerce forms and price lists.
Wai Yan Myo Thet, an independent threat researcher, recently discovered what’s known as a file inclusion vulnerability in the product.
Click here for the full article: Elementor WordPress plugin has a gaping security hole – update now