The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS.Referenceshttps://www.contextis.com/resources/advisorieshttps://elementor.com/blog/https://www.contextis.com/en/resources/advisories/cve-2018-18379
