Introducing MERENA+ — our premium tier with your personalized safety dashboard, risk score, and all security tools. Sign up and cancel risk free in the first 14 days.Learn More
MERENA
Informational Alert

Critical Security Flaw in WordPress Plugin Puts 20,000 Websites at Risk

A serious security issue has been found in the LA-Studio Element Kit for Elementor, a widely used WordPress plugin. This flaw allows unauthorized individuals to create administrator accounts without needing any login credentials, potentially leading to full control over affected websites.


Who is at risk

Owners and administrators of WordPress sites using the LA-Studio Element Kit for Elementor plugin.

What to watch for

Unexpected new administrator accounts appearing in your WordPress user list.

What to do

Immediately update the LA-Studio Element Kit for Elementor plugin to version 1.6.0 or later to fix this vulnerability.