Name of the Vulnerable Software and Affected Versions:

Sina Extension for Elementor versions through 3.7.0

Description:

The Sina Extension for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the `Sina Posts`, `Sina Blog Post`, and `Sina Table` widgets. This allows authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page.

Recommendations:

Update the Sina Extension for Elementor to a version later than 3.7.0.