carlidev

thank you : )

we notice the problem locally more easily, once online, the default firewalls of the hosts protect us a little more. there is an xss vulnerability, I have not tested sql injection to see if the presence of the plugin lowers security by default. This would be worth checking

Complement : If we go to jeg elementor -> widget -> disable everything, the result is the same. The plugin only needs to be active to have the vulnerability

if i desactivate “navigation” in the plugin it’s work. this nav option add /# in the url with firefox (bug)