CVE-2021-24263

Name of the Vulnerable Software and Affected Versions Elementor Addons – PowerPack Addons for Elementor versions prior to 2.3.2

Description The issue concerns stored Cross-Site Scripting (XSS) in several widgets of the plugin, which can be exploited by lower-privileged users, such as contributors. The exploitation occurs via a similar method in the affected widgets.

Recommendations For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable widgets to minimize the risk of exploitation.