A high-severity vulnerability in Elementor Pro is causing WordPress websites to be exploited by hackers. Researcher Jerome Bruandet from NinTechNet found the exploit on March 18th 2023.
Elementor Pro is a popular WordPress page builder, and when v3.11.6 or below is coupled with WooCommerce, it will allow hackers to gain access to the website and inject malware or even do a complete site takeover. Elementor Pro is safe when not coupled with WooCommerce.
Thankfully Elementor has rolled out a fix in v3.11.7 so if your Ecommerce website is using Elementor Pro and WooCommerce, do you plugin updates today or make sure your web developer has completed them.
If you need help with a hack recovery or security maintenance, get in touch today.