CVE-2022-4953
The CVE describes a vulnerability in the Elementor Website Builder WordPress plugin, affecting versions prior to 3.5.5, where user-controlled URLs loaded into the DOM are not properly filtered, enabling injection of rogue iframes to malicious URLs. Affected product: WordPress Elementor Website Bu...