The Unlimited Elements For Elementor plugin for WordPress is vulnerable to a security issue called Stored Cross-Site Scripting. This security issue makes it possible for people with administrative-level permissions on a website to inject malicious web scripts into pages. This malicious code can then be executed whenever a user visits the page. This security issue only affects multi-site installations and installations where certain website security settings have been disabled. The security issue affects all versions of the plugin up to and including version 1.5.48.