The Elementor Addon Elements plugin for WordPress has a security issue that allows attackers to inject harmful code into web pages. This can happen when someone with contributor-level access or higher uses certain widgets in the plugin. It affects all versions of the plugin up to 1.13.2.