The Elementor Addon Elements plugin for WordPress has a security vulnerability that could allow hackers to inject harmful code into web pages. This vulnerability is present in all versions of the plugin up to version 1.12.12, as it does not properly clean and protect user input. This means that anyone with contributor-level access or higher could potentially add malicious scripts to pages, which would then run whenever someone visits that page.