This top WordPress plugin had a security flaw that could let hackers hijack your site

Wordpress brand logo on computer screen. Man typing on the keyboard.

Probably the most well-liked web site builder plugins for WordPress carries a high-severity vulnerability that risk actors can use to take over the susceptible web site fully, researchers have warned.

Cybersecurity researcher Jerome Bruandet from NinTechNet stated he found a flaw in Elementor Professional that enables an authenticated attacker to create an administrator account. That provides the attackers a variety of potentialities, together with one which’s being actively used – to redirect all visitors to an exterior malicious web site.