08 Mai Elementor Pro – Vulnérabilité de sécurité
Dear Elementor Pro users,
We are writing to let you know about a security vulnerability of Elementor Pro that was recently discovered and is now fixed following the release of version 2.9.4 on May 7th, at 11:30 EST.
In some cases, the vulnerability allows malicious files to be uploaded to the site via the Icon Sets Zip file uploading system. We want to emphasize that this loophole only affects Elementor Pro sites that allow new users to register independently.
As mentioned, we have now released a new version of Elementor Pro which resolves this vulnerability with two main fixes:
- Only Administrator role users can upload Icon Sets.
- Only authorized files can be processed via a ZIP file.
We strongly recommend that you update your current Elementor Pro version to the new 2.9.4 version.
We will continue to work around the clock to identify and address any security threats to assure the safety of your websites.
For more information about this issue, please visit our FAQ.
The Elementor Team