MEDIUM SeverityCVSS 3.16.5CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

CVE-2026-27421

Last updated May 07, 2026 · Published May 07, 2026

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WProyal Royal Elementor Addons allows Stored XSS. This issue affects Royal Elementor Addons: from n/a before 1.7.1053.

Affected products

1 listed

WProyal:Royal Elementor Addons

Mappings

CWE

CWE-79

CAPEC

CAPEC-592

Research

Cross-Site Scripting (XSS)Covers reflected, stored, and DOM based XSS risks and why they remain high impact. Provides prevention…

Training

XSS in React, Vue and Server ComponentsCross-site scripting in modern component frameworks and how to prevent it.

CVE-2026-27421

Description

Affected products

Mappings

Related