The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites.

Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin to install backdoors on sites.

Threat actors are actively exploiting a security bug in Elementor Pro, a popular WordPress plugin used by over 11 million websites.

Hackers exploit WordPress plugin flaw that gives full control of millions of sites Elementor Pro fixed the vulnerability, but not everyone has installed the patch.