More than 15 add-ons for the WordPress plugin and famous website builder Elementor have been found to have vulnerabilities by the Wordfence Threat Intelligence team.
These 15 Elementor add-ons are built on over 3.5 million WordPress sites, and Wordfence discovered over 100 vulnerable endpoints in total.
Many of the insecure add-ons have been patched, according to Wordfence. Wordfence approached the WordPress repository directly to get the vulnerable add-ons checked in these situations.
Sites using Elementor with several contributors who are running an unpatched version of one of these add-ons should be considered vulnerable. As a result, Wordfence advises site owners to update as soon as possible.