The Royal Elementor Addons and Templates plugin for WordPress has a security issue that allows hackers to insert harmful code into web pages. This affects all versions up to 1.3.87. Even users with contributor access can exploit this vulnerability, causing the injected code to run whenever someone visits the affected page.