Security News Critical flaw in WordPress add-on for Elementor exploited in attacks BleepingComputer Daniel Bender 03 Dec 2025 Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions during the registration process.
