The Royal Elementor Addons and Templates plugin for WordPress has a security issue called Stored Cross-Site Scripting. This happens because the plugin does not properly clean the information entered by users and does not protect the output that is shown on the website. This means that hackers with contributor-level access or higher can insert their own malicious code onto pages, which will run whenever someone visits that page.