Site icon Astra Security Blog

Zero-Day Vulnerability in The Plus Addons for Elementor Plugin Puts Over 20,000 Websites at Risk

An extremely critical zero-day vulnerability has been patched in the premium plugin – The Plus Addons for Elementor (Version 4.1.7) today on March 10, 2021. The Plus Addons for Elementor facilitates users to add a user login/registration form on their Elementor pages. The vulnerability allows anyone to create new admin users in all WordPress websites with the plugin installed (version <=4.1.6). The flaw also enables hackers to log in as current administrative users and hijack the website. Keeping in mind the severity of the vulnerability and the active exploits, the plugin developers released a patch today in the latest version of The Plus Addons for Elementor – version 4.1.7.

We hereby encourage all users of The Plus Addons for Elementor to update to version 4.1.7 immediately to be safe.

Users on the free version of the plugin are not vulnerable and are safe from the hack.

If you’re an Astra Security user, you are also well-protected from the compromise.

Indicators of compromise

Since the vulnerability is being actively exploited it is suggested to check if your website has already been hacked or not before you update the plugin.

These are some of the hack symptoms that have been identified so far in this case:

At Astra, we are already tracking a rise in WordPress redirection hack cases though we’re still determining if it’s related to this vulnerability. Although the possibility can not be entirely ruled out.

What can you do in case of zero-day vulnerability in The Plus Addons for Elementor Plugin?

If you are hacked, follow these step to get rid of the hack:

For next steps, follow this detailed WordPress hack removal guide.

For quick recovery, sign up for our immediate malware removal plan and our expert security team will clean your website in less than 4 hours.

Secure your WordPress website before hackers try to hack it!

Astra Website Protection has helped thousands of WordPress sites prevent cyberattacks.


A critical zero-day vulnerability followed by an exploit is going on in WordPress websites using The Plus Addons for Elementor plugin. Users on the premium plan are affected. All users are requested to update to the patched version of the plugin – version 4.1.7.

Exit mobile version