The theplus_more_post AJAX action of The Plus Addons for Elementor Page Builder WordPress plugin prior to 4.1.12 did not properly sanitise some of its fields, leading to a reflected Cross-Site Scripting (exploitable on both unauthenticated and authenticated users)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
posimyth the plus addons for elementor |