600,000 site owners are yet to update the Essential Addons for Elementor plugin
They are exploiting security bugs in four WordPress plugins and 15 Epsilon Framework themes
The attacker used a compromised password to access the company's provisioning system for Managed WordPress
None of the applications, including the APIs, dashboard and customer data, were affected by the attack
Security researchers claim over 100,000 sites potentially affected, with the vulnerability available for attacks for weeks
Wordpress removes popular plug-in over security fears