A popular plugin for customizing websites on WordPress, called Essential Addons for Elementor, has a security issue that could potentially harm users. This vulnerability is caused by a parameter in the Team Members widget and affects all versions up to 5.9.15. It allows attackers with contributor access or higher to insert harmful scripts into pages, which will execute when a user visits that page.