MEDIUM (6.3)
    Plugin

    Stored Cross-Site Scripting Vulnerability in Royal Addons for Elementor

    Published Date: 4/4/2026
    CVE ID: CVE-2026-0664

    Summary

    The Royal Addons for Elementor plugin up to version 1.7.1049 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. Authenticated users with contributor-level access or higher can exploit this issue by injecting arbitrary scripts via the 'button_text' parameter.

    Vulnerability Details

    Stored Cross-Site Scripting (XSS) is a type of security flaw that allows attackers to inject malicious scripts into webpages viewed by other users. In this case, the vulnerability exists in the Royal Addons for Elementor plugin due to insufficient input sanitization and output escaping for the 'button_text' parameter. This flaw permits authenticated users with sufficient privileges to insert malicious scripts that execute when the manipulated page is accessed by any user. The issue poses a serious threat as it can lead to data theft, session hijacking, or unauthorized actions on behalf of otherwise unsuspecting users. The risk is compounded in cases where site contributors have upload permissions, increasing the avenues through which malicious actors can attack the site.

    Recommendations

    To mitigate this vulnerability, ensure proper sanitization and escaping of all user inputs and outputs, especially those involving dynamic content. Limit the capabilities of users with contributor-level access to the bare minimum required to perform their duties, and regularly audit site plugins for unusual activity. Additionally, site administrators should install a reliable security plugin to monitor and block suspicious activity.
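An added example (not the plugin's code or its patch) of the audit and output-escaping steps recommended above: a Python check that walks page-builder data exported as JSON, flags `button_text` values containing markup, and shows the value escaped on output. The element layout (`id`, `settings`, `elements`), the function names and the sample data are assumptions constructed for illustration.

```python
import html
import json
import re

# Anything that looks like a tag, an inline event handler or a javascript: URL.
MARKUP = re.compile(r"<\s*/?\s*[a-zA-Z!]|\bon\w+\s*=|javascript\s*:", re.I)


def find_suspicious_button_text(elements, path=""):
    """Walk nested elements; return (path, value) for each risky button_text."""
    findings = []
    for el in elements:
        here = f"{path}/{el.get('id', '?')}"
        settings = el.get("settings")
        # Settings are not always an object in exported data, so guard the type.
        value = settings.get("button_text") if isinstance(settings, dict) else None
        if isinstance(value, str) and MARKUP.search(value):
            findings.append((here, value))
        # Recurse into child elements (sections contain columns, widgets, ...).
        findings.extend(find_suspicious_button_text(el.get("elements") or [], here))
    return findings


def render_button(text):
    """Escape on output so stored markup is displayed as text, not executed."""
    return f'<a class="button">{html.escape(text, quote=True)}</a>'


# Constructed sample data (assumed layout), not taken from a real site.
SAMPLE = json.loads(r'''
[
  {"id": "a1", "elType": "section", "settings": [], "elements": [
    {"id": "b2", "elType": "widget",
     "settings": {"button_text": "Read more"}, "elements": []},
    {"id": "c3", "elType": "widget",
     "settings": {"button_text": "Go<script>alert(1)</script>"}, "elements": []}
  ]}
]
''')

if __name__ == "__main__":
    for where, value in find_suspicious_button_text(SAMPLE):
        print(where, "->", render_button(value))
```

A flagged entry is a lead for review, not proof of compromise; the lasting fix is escaping the value wherever it is rendered.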

    Available Fixes

    Last Updated: 4/7/2026
    Jedar

    Jedar for Digital Rights is a non-profit organization dedicated to protecting digital freedoms, enhancing online privacy, and promoting secure digital practices for vulnerable communities worldwide.
