The Master Addons plugin for WordPress, which allows users to add widgets, effects, toggles, and animations to their website, has a security vulnerability. This vulnerability, known as Stored Cross-Site Scripting, affects the plugin’s Mega Menu extension and can be found in all versions up to 2.0.6.1. This means that attackers could potentially add harmful code to a website, which would be executed whenever a user visits the affected page. This vulnerability can be exploited by anyone, regardless of whether they have an account on the website or not.