Another worrying WordPress plugin security flaw could put 250,000 websites at risk

Ally was carrying an SQL injection flaw that allowed data exfiltration.
ZDNet

Over 1.5 million pages affected by the recent SQL injection attacks

In an attempt to mitigate the impact of the recent waves of SQL injection attacks, and provide more transparency into the approximate number of affected pages, the Shadowserver Foundation is starting ...

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...
Dark Reading

Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection

Attackers can exploit a critical SQL injection vulnerability found in a widely used WordPress plug-in to compromise more than 1 million sites and extract sensitive data such as password hashes from ...