CVE-2021-24264

Name of the Vulnerable Software and Affected Versions Image Hover Effects – Elementor Addon versions prior to 1.3.4

Description The issue concerns a stored Cross-Site Scripting (XSS) vulnerability in a widget of the plugin. This vulnerability can be exploited by lower-privileged users, such as contributors. The exploitation method is similar in nature.

Recommendations For versions prior to 1.3.4, update to version 1.3.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable widget to minimize the risk of exploitation.