MEDIUM
timstrifler
CVE published 2026-07-07
CVE-2026-11328
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title parameter in all versions up to, and including, 2.7.9.8 due to insufficient input sanitization and output escaping. This vulnerability has a CVSS score of 6.4 and a MEDIUM severity. Authenticated attackers with Contributor-level access and above could inject arbitrary web scripts in page [truncated]