Elementor Website Builder – More than Just a Page Builder, CVE-2020-13864

CVE, Research URL: CVE-2020-13864
Home page URL: Security reports for Elementor Website Builder – More than Just a Page Builder
Application: Elementor Website Builder – More than Just a Page Builder
Published on: Jun 06, 2020
Research Description: The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
Affected versions: max 2.9.9.
Status: vulnerable