Elementor Website Builder – More than Just a Page Builder, CVE-2021-24891

CVE, Research URL: CVE-2021-24891
Home page URL: Security reports for Elementor Website Builder – More than Just a Page Builder
Application: Elementor Website Builder – More than Just a Page Builder
Published on: Nov 24, 2021
Research Description: The Elementor Website Builder WordPress plugin before 3.4.8 does not sanitise or escape user input appended to the DOM via a malicious hash, resulting in a DOM Cross-Site Scripting issue.
Affected versions: max 3.6.3.
Status: vulnerable