[ad_1]
I’ve been using it for a while. Eventually I want to switch to something more technical, maybe oxygen or even headless wordpress with something like react, but for now I want to know how safe Elementor is while I’m still using it.
I’ve actually not seen any security related elementor content, on reddit or anywhere else, which leads me to believe that it’s a pretty safe plugin? If it is not, what steps can I take?
[ad_2]
They have a bugbounty project so they at least pay something for issues: [https://elementor.com/bug-bounty-programs/](https://elementor.com/bug-bounty-programs/)
As every other WP plugin they do have some history:
[https://patchstack.com/database/vulnerability/elementor](https://patchstack.com/database/vulnerability/elementor)
Just make sure you are up to date and have the normal WP security best practices (google).
I have been using Elementor for several years for multiple clients with no security issues. From my experience, security isn’t just about the plugin; of course, choosing a badly outdated plugin can harm your site if it’s poorly coded and not updated. However, Elementor has a big team behind it, and there are lots of Reddit and Facebook groups as well. I wouldn’t worry about a plugin of this type at all, as I use both the free and Pro versions.
Elementor regularly announces vulnerabilities. There were several as recent as 26 March. https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/elementor/elementor-website-builder-more-than-just-a-page-builder-3202-authenticated-contributor-dom-based-stored-cross-site-scripting-via-path-widget
If you’re going to use it, it’s critical you keep on top of updates.