The Hacker News

WordPress King Addons Flaw Under Active Attack Lets Hackers Make Admin Accounts

A critical security flaw impacting a WordPress plugin known as King Addons for Elementor has come under active exploitation ...

Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions ...