CVE-2021-24259

Name of the Vulnerable Software and Affected Versions Elementor Addon Elements versions prior to 1.11.2

Description The issue concerns stored Cross-Site Scripting (XSS) in several widgets of the Elementor Addon Elements WordPress Plugin. This vulnerability can be exploited by lower-privileged users, such as contributors, via a similar method.

Recommendations For versions prior to 1.11.2, update to version 1.11.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable widgets to minimize the risk of exploitation.