This is a public service announcement. If you use Elementor Pro and Ultimate Addons for Elementor, please get your site updated immediately.
The case was reported by Wordfence and involves an estimated 1 million installs for Elementor Pro and 110,000 installs for the Ultimate Addons for Elementor. Ultimate Addons for Elementor has reached out to customers separately on the 5th of April (2 days ago), asking them to update.
Sites with Elementor Pro versions of 2.9.3 and below, and/or Ultimate Addons for Elementor versions 1.24.1, are vulnerable to exploits. Furthermore, to keep your sites safe, subscribe to a cloud Web Application Firewall, like Sucuri, Wordfence or WebARX Security.
Personally, I manage 20 over sites and have been updating all sites under my care, immediately. Sites that I put my clients on, are all on WebARX Security, which helps prevent zero day exploits. But if you have been hacked, get your site cleaned up with MalCare.
If it helps, here are reviews for both software and why I highly recommend them, instead of Wordfence.