CVE-2021-24262
The CVE concerns the WordPress plugin WooLentor – WooCommerce Elementor Addons + Builder (versions before 1.8.6). A widget, specifically the product title widget, is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users (e.g., contributors) via a flaw in the allowed input for ...