Exploited Elementor Pro Plugin Under Attack; Affects Over 11 Million Sites

A security vulnerability in the Elementor Pro website builder plugin for WordPress is under active exploitation by a threat actor. An authenticated user can take advantage of this to take full control over a WordPress site having WooCommerce enabled. The bug in the plugin, roughly deployed on over 12 million sites, impacts versions 3.11.6 and earlier.