The Royal Elementor Addons and Templates plugin for WordPress has a security issue that can be exploited by hackers. This vulnerability is found in the plugin’s image hotspot, image accordion, off canvas, woogrid, and product mini cart widgets in all versions up to 1.3.975. It happens because the plugin does not properly check or clean the information entered, allowing malicious code to be inserted into the pages of the website. This can be done by someone with contributor access or higher, and the code will be executed whenever a user visits the affected page.