You would have seen people saying that free is something that you should avoid as it always comes with a price tag. Because we have seen that if there is something available for free then there is a chance malware or something else would be included with it. This is especially true if you have found out something that is originally paid but being distributed for free. So it is better to avoid such things because we know nothing comes for free nowadays. Having said that, what if the items you have paid for and are 100% legal also get hacked.
Yes, this has been the case recently as a new report has been found out in the WordPress circles. As we have mentioned previously, WordPress is one of the best CMS out there which is used by millions every day. So if there is a bug or hack inside the WordPress ecosystem, millions get affected as well. This new report is regarding a paid plugin available for WordPress which is very popular among users as well. We are talking about Elementor Pro and if you are using this plugin on your site, it is better you disable it for the time being.
Now that you have done that, let’s get to the report regarding this plugin being hacked. Elementor Pro is basically a site builder which lets you drag and drop elements and create a website with ease. There is a critical vulnerability found inside this plugin which can let hackers install backdoors or web shells to maintain access to the compromised sites, gain full admin access to fully compromise it, or even wipe the entire site. It is also worth noting that Elementor has been quick to respond to this threat as they have released Elementor Pro 2.9.4 which fixes this vulnerability so update as soon as possible.