An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without authentication. [...]
SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
Résumé + lien vers la source. Sans paywall, sans tracking.