Public CVE-2024-2871 disclosure

The Elements Plus! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widget link URLs in all versions up to, and including, 2.16.2 due to insufficient input sanitization...