A vulnerability was found in wproyal Royal Addons for Elementor Plugin up to 1.7.1058 on WordPress. It has been declared as problematic . Impacted is an unknown function. The manipulation of the argument title_tag results in cross site scripting. This vulnerability is reported as CVE-2026-6504 . The attack can be launched remotely. No exploit exists.