Plugin: Happy Elementor Addons File: custom-js.php Version: 3.20.2 Commit: 3399775 Commit By: iqbalrony Commit Time: 6 weeks ago Key Vulnerability Information Potential Issue: Unsanitized Input - Function: - Line: 64 - Description: The function retrieves user input through and saves it directly without sanitization or validation. - Risk: This can lead to Cross-Site Scripting (XSS) attacks if the input is not properly handled. Access Control: - Function: - Line: 129 - Description: The function checks if the current user has capability. This ensures that only administrators can perform certain actions. - Risk: The check is in place, but proper validation and sanitization are still necessary. Inline Script Execution: - Function: - Line: 75 - Description: The function uses to add custom JavaScript. - Risk: If the custom JavaScript is not properly sanitized, it could be exploited.