Dear @okeydigital ,
We deeply apologize for the inconvenience and breach of trust caused by the recent security vulnerability in Essential Addons for Elementor. We fully understand the frustration and concern this issue has caused you, and we take it very seriously.
Please note that, Upon being informed about the vulnerability on 8th May 2023, we immediately initiated our response plan. Our development team worked tirelessly to develop and thoroughly test a patch, and Essential Addons for Elementor version 5.7.2 was released on 11th May 2023. This version addresses the reported vulnerabilities and implements enhanced security measures.
We would like to assure you that we have taken additional steps to address the situation. We have reached out to the WordPress plugin support team and successfully pushed an automatic vulnerability update for sites with the vulnerable version of Essential Addons. This update helped ensure that Vulnerable websites are protected against the identified security issue.
We have also sent out an email notification regarding the vulnerability to all of our users. We also publish a blog regarding this. We apologize if you did not receive our email communication. We can understand how important it is to promptly inform our users about critical matters like this. Please take a moment to review the screenshot here: https://d.pr/i/W1Z1VL. It’s possible that the email may have been overlooked or filtered by your spam filter, leading to a lack of awareness about the situation. We deeply regret any inconvenience caused by this communication gap.
We genuinely apologize for the impact this security vulnerability has had on your websites and the additional work it has imposed on you. Your trust and satisfaction are of utmost importance to us.
Note: We advise you to thoroughly check for any unauthorized administrator users and any left-behind malicious code. Pay close attention to the “wp-content/plugins” directory and your existing themes and delete any folders that you do not recognize, especially those similar to the “posts-layouts” plugin or any other suspicious plugins and themes.Please ensure to follow this?instruction?and make sure that you are using the latest versions of all plugins installed on your websites, especially Essential Addons for Elementor. Our most recent update,Essential Addons for Elementor version 5.7.4 & Essential Addons for Elementor PRO version 5.4.11 includes security enhancements and fixes for vulnerabilities.
Again we sincerely apologize for the distressing experience you encountered due to the security breach. We sincerely regret any inconvenience, frustration, and loss of time you have endured while resolving the aftermath. If you need any additional help or any guidance, please feel free to reach us. We are always here for you.
