This blog post is about an Elementor plugin vulnerability. If you’re an Elementor user, please update the plugin to at least version 3.16.5.
You can sign up for the Patchstack Community plan to be notified about vulnerabilities as soon as they become disclosed.
For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies.
About the Elementor Plugin
The plugin Elementor (versions ‘true’ ] );
$icon_active_html=$this->is_active_icon_exist( $settings )
? Icons_Manager::try_get_icon_html( $settings[‘accordion_item_title_icon_active’], [ ‘aria-hidden’=> ‘true’ ] )
: $icon_html;
ob_start();
?>
Source: patchstack.com