Critical flaw in WordPress add-on for Elementor exploited in attacks
From BleepingComputer to All on Wed Dec 3 17:21:36 2025
Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions during the registration process. [...]