Elementor Website Builder – More than Just a Page Builder, CVE-2020-20406

CVE, Research URL: CVE-2020-20406
Home page URL: Security reports for Elementor Website Builder – More than Just a Page Builder
Application: Elementor Website Builder – More than Just a Page Builder
Published on: Sep 17, 2020
Research Description: A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes.
Affected versions: Min -, max 2.9.3.
Status: vulnerable