The Royal Elementor Addons and Templates plugin for WordPress has a security issue that allows hackers to insert harmful code into web pages. This is due to a lack of proper protection for user input. Attackers with contributor-level access or higher can exploit this vulnerability to execute their own code on pages that have been injected.