Join in the Media
4 mentions across press, blogs, and newsletters
March 2026
TechRepublicTech Media
Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk
A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. The post Security Flaw in WordPress Plugin Pu
Mar 12, 2026
eSecurity Planet
400K WordPress Sites Exposed by Elementor Ally Plugin SQL Flaw
A SQL injection flaw in the Elementor Ally plugin exposes over 400,000 WordPress sites to potential data theft. The post 400K WordPress Sites Exposed by Elementor Ally Plugin S
Mar 12, 2026
Security Affairs
Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites
An unauthenticated SQL injection flaw (CVE-2026-2413) in the Ally WordPress plugin, used on 400K+ sites, could allow attackers to steal sensitive data. An unauthenticated SQL injection flaw, tracked as CVE-2026-2413 (CVSS score 7.5), in Ally plugin could allow attackers to steal sensitive data. The
Mar 12, 2026
BleepingComputer
SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without authentication. [...]
Mar 11, 2026