We hate to break this to you, but a new critical zero-day vulnerability was found in the famous Elementor Page Builder Pro plugin (source). The vulnerability allows an attacker to upload an arbitrary file, which could lead to remote code execution.
Apart from that, this new vulnerability is actively exploited and Element Pro users are urged to update their Elementor Pro plugin immediately. At this point of writing, Elementor Pro plugin had been updated to version 2.9.4 which is free from the exploit.
Here are some information about the vulnerability in Elementor Page Builder Pro plugin:
Threats found on your website may leads to SEO results degradation in Search Engine Results Page (SERP), blacklist or other sanctions. Therefore, it is extremely important to update your Elementor Pro plugin right now.