A vulnerability, which was classified as problematic , has been found in smub aThemes Addons for Elementor Plugin up to 1.1.8 on WordPress. Impacted is an unknown function of the component Posts Timeline Widget . The manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-8613 . The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.