It goes without saying that the vast majority of websites on the Internet are created using WordPress.
The Hacker News website points out that it is even possible to gain admin access to the site using this vulnerability, and if you use one of these plugins, they are advised to update to the latest version as soon as possible.
This vulnerability has been fixed in version 3.1.4 of the Elementor plugin and version 1.7.2 of the WP Super Cache plugin, the main vulnerability being the ability to perform cross-site scripting (XSS) attacks.
Most of the articles written by a normal user on a WordPress website are reviewed by an admin or an editor, and when opening the relevant articles for such review, another admin user can create an XSS attack using the admin session automatically. Has received via.