A security flaw has been found in a famous plugin that puts over a million WordPress websites’ data at risk. Wordfence Threat Intelligence experts disclosed a hole in the Starter Templates – Elementor, Gutenberg & Beaver Builder Templates plugin assist contributor-level users to overwrite any page on the website and inject malicious JavaScript at will.

However, the flaw was fixed on October 7 and all users were suggested to upgrade to the new version 2.7.5 in order to avoid further exposure. Several users use the WordPress plugin to utilize pre-designed templates from other website builders including Elementor.