top of page

Critical flaw in WordPress add-on for Elementor exploited in attacks

3 december 2025 om 21:31:20

bleepingcomputer.com

Attackers are actively exploiting CVE-2025-8489, a critical privilege escalation vulnerability in the King Addons for Elementor WordPress plugin. The flaw allows attackers to gain administrative permissions during user registration. This represents an active exploitation scenario affecting WordPress sites using the vulnerable plugin, posing significant security risks to website administrators and users.

Related links:

https://www.bleepingcomputer.com/news/security/critical-flaw-in-wordpress-add-on-for-elementor-exploited-in-attacks/

Related CVE's:

CVE-2025-8489

Related threat actors:

No threat actors found in this article

Affected products:

King Addons for ElementorWordPress

IOC's:

No IOCs found in this article

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page