The Elementor Page Builder plugin prior to 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
elementor elementor page builder |