Posimyththemes

**Name of the Vulnerable Software and Affected Versions** OoohBoi Steroids for Elementor plugin for WordPress versions up to and including 2.1.24 **Description** The OoohBoi Steroids for Elementor plugin for WordPress contains a Stored Cross-Site Scripting issue. Authenticated attackers with Contributor-level access or higher can inject arbitrary web scripts into pages. This occurs through the ` ob spacerat link`, ` ob bbad link`, and ` ob teleporter link` URL parameters. When a user clicks on the injected element, the script will execute. **Recommendations** Update OoohBoi Steroids for Elementor plugin to a version later than 2.1.24.