Episode 69: The Meteoric Growth of Elementor with Kfir Bitton

On February 26, WordPress page building platform Elementor announced that they had received $15 million in venture funding. After topping 4 million installations of their plugin in January, it appears that Elementor is on a path to do some big things with WordPress. This week, we chat with Elementor CRO Kfir Bitton from his office in Tel Aviv, Israel about how Elementor grew so quickly, what’s next for this plugin-turned-platform, and how Elementor strives to give back to the WordPress community.

Of course, we also have a few news stories including how COVID-19 is affecting WordCamps, the Let’s Encrypt domain control validation bug, and the coupon creation vulnerability in WooCommerce Smart Coupons.

Here are timestamps and links in case you’d like to jump around, and a transcript is below.
0:55 The effect of COVID-19 on WordCamps includes Wordfence’s decision to suspend attendance, followed by others, and a statement from Josepha Haden to embrace the local nature of WordCamps, as well as a post discussing livestream support.
4:40 Let’s Encrypt certificates revoked due to a domain control validation issue.
6:20 Coupon Creation Vulnerability Patched in WooCommerce Smart Coupons
8:15 Elementor Kfir Bitton interview

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Subscribe to our RSS feed.

Have a story you’d like us to cover? Let us know! Contact us at [email protected]!

Episode 69 Transcript

Kfir Bitton:
You have Elementor helping you build websites quicker, but then if you want to make your own custom poetry, you need to go and write your code or add code, you can do it.

Kathy Zant:
Welcome to Think Like a Hacker, the podcast about WordPress, security, and innovation. I am Kathy Zant. I am Director of Marketing here at Wordfence. This is episode 69. We have a few news stories of note this week and an interview with Kfir Bitton, the Chief Revenue Officer at Elementor. I ask of you, how Elementor has taken the WordPress world by storm. That plugin is now installed on over four million WordPress websites. I also ask what the $15 million in funding they received last week means for their users. I hope you enjoy that interview, but first, the news.

Our first story is about COVID-19, or the Coronavirus, affecting so many people worldwide right now. On Sunday, March 1st Wordfence CEO Mark Maunder released a blog post explaining our decision to cancel attendance at WordCamps during 2020 or until we see a change in the trajectory of infection with the Coronavirus that’s affecting so many people. Obviously, WordCamp Asia was canceled because of this virus. WordCamp Washington DC, WordCamp Geneva, Switzerland, and the WordPress retreat in Soltau, Germany have also been affected. On Wednesday, March 4th Josepha Haden, Executive Director of the WordPress project posted to on make.wordpress.org, “Encouragement for WordCamp attendees to minimize WordCamp travel and for WordCamp organizers to embrace their local nature.” On Wednesday afternoon also Adam Warner announced via Twitter that GoDaddy would be suspending travel temporarily as well.

We were a gold level sponsor of WordCamp Miami. We were hoping to participate in the game show, which is a big part of WordCamp Miami and something we were very much looking forward to. Our team was incredibly sad not to attend this event. It was excruciating to join in on Twitter and see everyone having such a great time connecting. In hindsight, however, as we’re seeing the trajectory of this virus’ spread, it does appear to be the right decision.

Now, we want to be abundantly clear. This in no way means that Wordfence is pulling back from the WordPress community. Our rationale is exactly the opposite. Now we’re security professionals, some call us security nerds, you can call us that, too. We’re looking out for the security of everyone in WordPress and even our communities beyond WordPress. We’re looking out for the least of us, for those of us with immune issues, those of us who would be hardest hit by this infection by ensuring that we’re not on planes or at events contributing to the spread of this virus. We’re hoping to protect our friends and our family, to protect grandparents and parents, and the least of us throughout communities. We will see you again. I’m certain I can promise that. We just feel there is a moral imperative to protect those who have less access to healthcare, who stand to suffer the most, and of course we encourage you to make the right decision for yourself, but we also ask that you consider others in doing so. And of course WordPress is not the only community affected by this.

There have been larger conferences around the world that have been canceled, but I think there are opportunities here. Now, if you’re listening to this podcast and you’re involved in WordPress, you are one of us. You’re one of the leaders in digital technology that connects people and helps to share information. How can we leverage what we know and what we can do to help others, those who don’t have those capabilities with WordPress, what can we do to share our knowledge and to encourage that the internet can help keep those connections alive online? How can you be of service when the world needs us most? I think there’s some opportunities we can explore here and with that I will link a discussion on make.wordpress.org about how they are trying to foster that kind of connection as well. And with that, let’s just hope for a fast resolution to this worldwide health crisis, and we hope that you stay safe.

Our next story, Let’s Encrypt, the certificate authority that is securing connections between web servers and browsers worldwide, announced that three million TLS Certificates needed to be revoked due to a certificate authority bug. This was about 2.6% of active certificates, and it came about due to a flaw in the way domain control validation processes worked. Details are on our blog, and if you’re affected by this, you probably already know either your hosting provider or Let’s Encrypt have already contacted you. The biggest issue would be security warnings on your site to your site visitors that the connection wasn’t secure or that the certificate was no longer valid. Now at this point, the biggest question some folks have had is whether or not this means that Let’s Encrypt is not a good certificate authority. Our position is that what they’ve done is exactly how you want a certificate authority to act. They’ve acted with complete transparency,, with honesty. They’ve rectified the situation, reported that themselves and even provided tools that allowed people to determine if they’re affected.

Now, if you’re listening to this podcast, you’re aware that bugs and vulnerabilities happen in software development. And certificates are about trust, and you want to ensure that the certificate authority that’s issuing those certificates is acting with integrity and honors the trust that we place in them. We just wanted you to be aware that this was happening and hope you were not affected by this bug.

Our last story is about a coupon creation vulnerability patched in WooCommerce Smart Coupons. This is a premium plugin and our estimates that about 90% of the plugins installed on WordPress sites worldwide still have this vulnerable version running. Wordfence Premium users have a firewall rule on their sites right now protecting them, but free users, people are still on the free plugin, won’t receive that rule until March 25th. This vulnerability allows an attacker to create a coupon that could be utilized to obtain free merchandise. I wanted to highlight this because this vulnerability is due to improper access controls. If you’re developing WordPress plugins and themes, validating user capabilities needs to be done for any privileged activity. Hooking code into functions like admin_init or attempting to secure functionality with is_admin checks is dangerous and ineffective.

If you need more explanation about this, look for Ram Gall’s talk from WordCamp Phoenix. It’s on our YouTube channel, and he explains how numerous plugin vulnerabilities can be attributed to developers not effectively using these. For more information, there’s a link in the blog post on the coupon creation vulnerability patch that links to the WordPress codex entry for current_user_can, which will assist you in making your plugins more secure. And with that, we are done with the news. Next up is my interview with Kfir Bitton from Elementor. We hope you enjoy.

Hi everyone. This is Kathy Zant with Wordfence and this is Think Like a Hacker, and today we have a treat talking to Kfir Bitton who is the Chief Revenue Officer at Elementor. Kfir, thanks for joining me today.

Kfir Bitton:
Hey, thank you for having me.

Kathy:
You guys have some interesting news in the last week, huh?

Kfir:
Yeah, actually exciting times for us. We actually announced a few days ago about our funding that we’ve got from the amazing partner that we hooked up with, which is Lightspeed Venture Partners. Really exciting days for us taking Elementor to the next step.

Kathy:
Yeah, you guys got what, fifteen million?

Kfir:
Yep. That’s the number.

Kathy:
That’s a big number. So I’m expecting you guys are going to do some pretty big things with that.

Kfir:
So actually we have a very packed roadmap almost in every probably aspect in the business. Some of them related to how we scale a business. How we grow up as a company, how we take our roadmap in terms of the product and services that we want to give our user base and take it to the next level. How we do it better, how we do it faster. So lots of things very interesting and challenging ahead.

Kathy:
Excellent. Now Elementor, you guys have not been around that long, but you’ve had this sort of meteoric growth. Can you kind of give for anyone who has been living in a cave somewhere, doesn’t know what Elementor is. Maybe we should give an overview of what Elementor is and just kind of the history of the company and how fast you guys have grown.

Kfir:
So really quickly, Elementor is the leading website builder platform for professional on WordPress. We serve professional web creators as we like to call them, which are developers, designers, and marketeers. And we’ve launched Elementor at around 2016 so not that long ago. And I think the most important thing Elementor achieved, which is mostly by the two amazing founders Yoni and Ariel, is that they’ve hit the nail on a very critical pain that exists within WordPress users, specifically ones who wants to be websites, and that is allowing them to have a website building editor, which is gift for their pains, whether it’s going to be a design ones or just removing the friction of having to write code on an open source platform, which is WordPress obviously.

Really quickly after June 2016 where Elementor was launched, the company was actually founded the year before that. I think the first milestone was I think April 2017 where we’ve hit 100,000 websites built on Elementor. The first one million website built on Elementor was July 2018 and then really quickly surpassed the point of four million websites in January 2020, really a hyperbolic curve of growth. A lot of it comes from the product-market fit, the community, which is I think our greatest claim to fame. We love the community and we get a lot of love from the community. So I think these are the two things which really stand out.

Kathy:
Yeah. So how did you introduce Elementor to the community?

Kfir:
So Elementor had several points of evolving at the beginning. So I think at the beginning Elementor went out as only at the core. So there wasn’t a pro version I think for six months. And the way Elementor emerged because Yoni and Ariel, both of them were WordPress community members, active community members, years before that, both of them together founded up an agency where they built websites for others, just like the rest of our users and customer base of Elementor. So they really had this pain of trying to figure out how to build websites and get to stay profitable. The margins were really low. They were running after the tail, trying to catch up with getting the next project, the next business that they’re going to build a website in some of the cases actually maintaining the website and helping them do tweaks and amendments and extensions.

Kfir:
But it was the same thing all over again. With every website that they’ve built as an agency, they encounter the same problems of setting up everything from scratch, doing a lot of the same work again and again without ability to scale the operation in terms of efforts and profitability. And then they said, “You know what, let’s build a tool which is going to help us become more efficient.” So they build their first tool for themselves, they actually called it the Pojo at the time, and they build their own tool and then they said, “Okay, maybe we can, let’s have other people enjoy Pojo.” So Pojo was out and then Elementor, they decided to build the rental ended to extend it. I’m not going to take you through every step though. But basically there was another leap day where they decided to take the product into a more extensive way and say, “Okay, let’s build a full solution still on an MVP level.” Right?

Kfir:
So it was very lean at the beginning, and it was about allowing themselves and then others [to] build websites in a very efficient way. And then so Elementor was emerging as a call and after six months they said, “You know what? We are adding more features.” A community was being built. They were asking for lots of requests, they liked it a lot. Said, “Look, we need to scale up the operation. Let’s offer the pro version so we can basically fund the operation.” So this is how Elementor emerged.

Kathy:
Excellent. It sounds like with that initial launch that they were really looking at not only what was going to solve their own needs, but close trusted friends and close people in the community where there was already a relationship and leveraged those relationships in order to really understand their customers and their customers’ customers. Does that sound about right?

Kfir:
It sounds right. I think the thing which strikes me the most when I joined Elementor is understanding that when I’m talking to Yoni and Ariel or for that matter to any employee, which is within Elementor for years now, is that we’re not talking to our customers, we’re not talking to your Yoni or Ariel or to the other team members we’re talking to Elementor as to WordPress website builders. It’s amazing. You don’t see Elementor talking to the user and customers because you’re seeing everyone here is Elementorist in soul, right?

Kfir:
So we have a very strong connection here to our users to the level that over 70% of the features that we have deployed last year came as a request from the community. So it’s really the Pro that is shaped in many ways by the community. So we deployed I think over 280 different features in the past 12 months, and we’re excited about it because again, most of them are driven and generated by the community. So in many ways we are a part of it. So we’re not talking to, it’s not us and them talking to each other. It’s all of us together.

Kathy:
It sounds like a community-driven plugin.

Kfir:
So yeah. By the way, we want to call Elementor today a platform because I think we are expanding into, we are more than just plugin today. There is a full ecosystem around us. I think we are now over a hundred add-ons building for Elementor. So there is an ecosystem within the WordPress ecosystem and yes, I think that’s communities like the greatest thing that we actually have and we cherish it a lot.

Kathy:
That’s amazing. Now are you doing similar things to what WordPress does in terms of meetups, and how do you help someone who’s brand new to Elementor sort of understand what they can do and empower them with the platform?

Kfir:
So thank you for that question because I think that’s another key component to Elementor success and a lot of the work that is being invested here by the teams is that we in Elementor, we understand that there’s a lot of knowledge building a website and as a proxy building your business as a service provider, takes a lot of effort and lots of knowledge and understanding that we provide guidance both to aspiring web creators and also as well as to advanced web creators. So that means that with every feature release we’re going to issue a video. It might be three minutes long, it might be an hour long, explaining how to use each of these features in a very efficient and simple way so that’s going to be one critical elements. That’s, we call it the knowledge hub. There is a learning team here which is led by Sal, and we actually invest a lot in it.

You can see our YouTube channel with over I think 130,000 subscribers. It’s growing, I think in Israel today compared to other companies, including by the way, Wix, we have the biggest YouTube channel, which is almost entirely filled with videos and tutorials about how to use Elementor in a proper way. So having hundreds of widgets, the theme builder, the pop up builder, you need to know how to navigate it when you are starting building a website, might be even just a simple landing page. So that’s one core component in our educational or learning process. And I think as we move forward, part of our strategy is to build an academy, which is going to be a source of knowledge, not only in website building, but also in business and how to help our web creators become more successful at what they do.

The second part is understanding that there is a need on a local basis. So whether it’s a language barrier, whether its unique requirements that is being driven for people who live in Sao Paolo, web creators in San Paolo, or in Berlin, or in anywhere in Asia. We actually have customers form 150 different countries. So we understand that going local and stay connected beyond our global community, which is manifested today mostly on our Facebook community, which is 70,000 strong. It’s actually a bit less, I think it’s 60,000 but then we have another 15 or 16,000 on our GitHub community. So beyond the global community, we understand that local is very important for us.

So last year I think we had over a hundred different meetups in 2019 and this year we are planned for over 500 meetups in more than 130 cities if I’m not mistaken. And that is being led by Nofar on our team, she’s doing amazing job, and we’re getting more and more local leaders helping us and we’re supporting them. Whether it’s in funds, whether in generating knowledge for them in finding the right venues, and just really with anything that they do, we are just there to support them. They dictate the agenda, talking about their pains. We are trying to bring insights and information to the best of our ability, but that’s a core for us to figure out in which areas where there is a need for web creators, we are going to be there.

Kathy:
And does that local outreach, does that also help you inform the product development process?

Kfir:
Yes, for sure. That’s yet another stream of information that we’re getting. So we’re talking to web creators and we understand that there are specific needs, or it’s either that they are strengthening and understanding of what we actually already know and that we need to develop or improve. We get recognition or support to specific avenues of where we want to take the products. We’re asking them. We were doing lots of surveys over there, not necessarily only within the local meetups, but generally speaking, that’s our core source of understanding shifts and trends of website building and what’s missing for them. And obviously there’s the different type of persona so you can talk to the marketeer and they would highlight specific needs, and the designers would have their own needs and also the developers. So we actually toggling between these three areas of marketeers, developers and designers and figuring out how to best solve it within our product roadmap or services.

Kathy:
Elementor, I started using it just a few months ago. I saw your booth at WordCamp US and I was like, “Whoa, they’ve got some something going on. I need to take a look at this.” So over the holidays I actually started playing with Elementor and was able to show some people that I support with WordPress who are non-technical, show them how Elementor works, and then they took it and ran with it. So the ramp up was really easy. So it’s kind of interesting that you have a tool that is, that someone technical can just dive in and use, but also non-technical people can ramp up really easy with Elementor. How were you able to sort of meet those disparate needs?

Kfir:
So I think that’s maybe that’s where Elementor hit the nail on its head, so to speak. It’s product-market fit is understanding the core pains. It’s not like just solving another… It’s not improving something. It’s solving a core pain. And the way we did it and when I say we, is mostly attributed to the founders because they actually build this product in their bare two hands or four hands in that matter, is that they experienced these pains, every pain. When you’re talking about website building and what does it mean, we actually have some very extensive debates here on what website and what’s the core definition of a website? Is it the page? Is it five pages? Is it the page with a form? There’s so many ways to tweak it or to define it, and we debate on what is a webpage, or what is a website and what does it mean to build a website today and what does it mean to build a website tomorrow?

So I think the short answer is that understanding these core things is what brought this solution that caters and addresses the needs of the different type of customers, whether they are the developers or the designers. So that’s going to be the critical part. The second part is that it’s an open source. As in an open source and specifically on WordPress, if you’re a developer, it saves you time. So you don’t need to write the code every time yet again and again. You have Elementor helping you build websites quicker.

But then if you want to make your own custom approach to it of the way you build it or the specific website where you need to go and write your code or add code, you can do it where most of the closed systems you just can do it. So I think that’s answering specifically the ones who don’t know code or literally afraid of it, and the ones who knows code and they are developers at core but they want to take their assets are a unique proposition and bring it into realization by having Elementor as a friction-reducing platforms and building beautiful websites very fast. But then if they want to make their own tweaks or being in their own valuable position into it, they can do it by moving into a code mode, so to speak.

Kathy:
Yeah, so it’s a platform that will basically support people wherever they are at on that spectrum. That’s really cool. Talk to me a little bit about what the future of Elementor is going to look like. I mean the fact that you’ve grown so fast, now you’ve got $15 million in funding, what are some of the things that WordPress users and Elementor users can expect coming up in 2020?

Kfir:
We’re starting from the basics. So the basic is how we scale a business. There was lots of inner growing pains for every business as it’s called serial entrepreneur. You can see companies in their growing pains and how we take these huge responsibility over having very big community and users and how we take it to the next step. So I think most of it is going to be focused again about the community and about what they need. We keep listening to them all the time. We’re talking to them and figuring out where are the core needs. Obviously we cannot address every specific need, but we understand that where are the trends? What’s the biggest pains for web creators? Both the advanced and the ones who want to get into this business of building websites and providing these services. So I think A, is going to be extending the platform. We want to take Elementor and extend the platform to a wider spectrum so it’s going to be end-to-end solution for web creators. So that’s going to be one thing.

Second part it’s going to be making sure that we keep the pace of deploying the new features and for the clients. So it’s going to be both more features and also more or new products that we’re going to introduce. Some of them are going to be very soon. We’re going to keep the surprise for the moment that we are going to announce them. The second part is making sure that the platform is going to be stable at scale. That’s a problem that companies who are growing need to put lots of attention to it, so it’s going to be making sure that the platform is stable. We are putting lots of emphasis on security, and we’re going to put a lot of emphasis on support. We’re getting tens of thousands of support tickets on a monthly basis. We really want to make sure that our support is going to be to the best that is possible. So that’s going to be another point of focus.

The third component is taking the community to the next level. Meaning investing even more in it, supporting more local meetups in providing more information, get in touch with them, setting them up with, let’s call it arenas where they can have more extensive and advanced conversations specifically for the advanced web creators about things which are undermined and they want to have partners to talk about it. And we can offer some of the information because we have lots of knowledge, so we want to share that. So that’s going to be another part where we’re going to invest our money and our effort.

I think the fourth component would be infrastructure. So seeing company that at a scale that we are, and at least what we are imagining will be in a year or two or three from today, we need to invest significantly in infrastructure. That’s going to be both technological one but also in terms of growing to where currently 130 employees we are planning in spread by the way in over fifteen countries scanning up to more than 200 and then some is another challenge. So infrastructure of how we get to stay connected and …. So these are the core areas. Yeah.

Kathy:
Okay. Are you a completely remote company or do you have offices in Tel Aviv?

Kfir:
So we have our headquarters in Tel Aviv I think we are here like 85 or 90 and then the rest of them are other countries, and I think this is the way we’re going to keep it, at least for now because it’s working for us very well.

Kathy:
Yeah. Okay, cool. Can you talk to me a little, well since Wordfence, we’re sort of a security-focused podcast and you mentioned that you’re going to have more emphasis on security, can you talk to me a little bit about what that means for Elementor?

Kfir:
So I think like in any other company, and I’m not a security guy here, but I can tell you that with size comes responsibility. We are aware to generally speaking security issues, and we understand that it involves information and then websites of businesses. And then it’s also the source of income for our users and customers. So we want to make sure that we provide a safe and secure environment to work with and to make sure that the websites that are being operated on WordPress with Elementor are going to be secure to the best possible.

Kathy:
Not only just making sure that Elementor is secure, but you’re supporting your customers as well and making sure that their installations of Elementor and whatnot are secure as well?

Kfir:
Yep.

Kathy:
Gotcha. Okay, cool. Is there anything else that I haven’t asked you that you’d like to talk about?

Kfir:
I think actually you, we’ve covered lots of it. I think maybe just one point relating the fact and thank you for mentioning that about WordCamps. We donate there, and we contribute as we see it as part of Elementor. We have actually two other plugins. One of them is for accessibility. Both of them are with a total of over 120,000 active users. So it’s part of our philosophy or culture so to speak, is making sure that we contribute back. It’s important to us. So I think WordCamps the first one we’ve actually sponsored was in WordCamp US, last year and this year we’re going to sponsor, we’ve actually secure that, I think you’re the first one to know. So here you go. We are going to sponsor a WordCamp Porto in Europe and we’re going to be looking to do the same again also with WordCamp US and hopefully we’re going to be able to sponsor another few local events in the US this year.

Kathy:
Oh that’s excellent. Well if WordCamp Phoenix comes on your radar for next year, I am the sponsor coordinator for that. So I will stay in touch with you. We have a great a WordCamp here in the Southwest of United States. We get about 500 people came and it kind of kicks off…

Kfir:
Oh that’s a lot.

Kathy:
It is and we draw from Southern California as well and because we have it in February when the weather in the United States, the Northern part of the United States is pretty bad. Everybody likes to come to Phoenix and escape the snow. So it’s kind of a destination WordCamp. So we would love to have Elementor here. I think you guys would enjoy it, and it’s so exciting that you guys are jumping into the community and really supporting the WordCamps. Did you have a lot of good experiences at WordCamp US last year?

Kfir:
Actually, it was enlightening just to see everyone, to talk to people to find like, I think the best thing is to get the acknowledgement and the love from our users. As a marketeer thing, the fact that we have people coming and asking to take the t-shirts or the hoodies with the Elementor logo and just walk with that and be proud of the fact, and getting literally genuine, honest, heartwarming feedback saying, “Guys, you’ve changed my life. Literally you’ve changed the way I live and I got a profession, and I’m working and I can provide for myself. Or my business extended significantly.” These are the moments where you go back and say, “Wow, that’s really amazing, and let’s do more of that.” So I think that we all came back really excited out of it and said, “We need to do that more.”

Kathy:
It’s a humbling experience to have those kinds of conversations and it just brings it back to me what we’re here for: to serve the WordPress users and serve the WordPress community. And it gives you sort of that passion and purpose for what we’re here for. Well, Kfir, thank you for joining me today. It was really great to hear how Elementor has grown and I’m so excited to watch now that I’m also an Elementor user.

Kfir:
We thank you for that and welcome to Elementor community.

Kathy:
You know what? I can tell you it’s changed my life because I’ve turned everybody on to WordPress and yet sometimes they’re asking, “Well, how do I make my site look like this? Or how do I do that?” And now I can show them, and now they get to do things that are above and beyond anything I could ever show them because of Elementor. So it’s changing my life and that I’m not doing as much tech support or dev myself because I can show people, I can empower other people to do it. And so Elementor’s very good for me. It gives me more free time. Thank you.

Kfir:
That’s amazing to hear. Thank you very much.

Kathy:
Great. Well thanks for joining me and we’ll talk to you soon.

Kfir:
Yeah, definitely. Thank you very much for having me.

Kathy:
We hope you enjoyed the interview with Kfir Bitton. A random factoid Kfir shared with me, his name actually means “small lion” in Hebrew. I thought that was pretty cool! If you’d like to learn more about Elementor, you can find their free plugin in the plugin directory and more information about them on elementor.com. Their YouTube channel has a ton of tutorials on how to use their product and even some great general WordPress tutorials.

As always, I’m @KathyZant on Twitter and I’m kathy AT wordfence DOT com. I would love to hear from you if there’s someone else in the WordPress space that you’d like me to interview, or maybe you think you’d like to be interviewed. Reach out!

We’ll talk to you soon.

The post Episode 69: The Meteoric Growth of Elementor with Kfir Bitton appeared first on Wordfence.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Tap To Call