Medium severity5.4NVD Advisory· Published Sep 16, 2020· Updated Jun 17, 2026
CVE-2020-20406
CVE-2020-20406
Description
A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions. It is caused by inadequate filtering on the link custom attributes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Elementor/Elementor Page Builderdescription
- Range: <=2.9.2
Patches
Vulnerability mechanics
References
1- wordpress.org/plugins/elementor/nvdProductThird Party Advisory
News mentions
0No linked articles in our index yet.