CORS (Cross-Origin Resource Sharing) is a security policy that prevents domains from being accessed or manipulated by other domains that are not allowed. I assume you are trying to perform an operation from a different domain.
There are three ways to avoid being blocked by this policy:
The domain you are trying to manipulate explicitly allows your domain to run its scripts.
You perform the operation using a local script or a browser with CORS disabled (e.g., a CORS-disabled Chrome).
You perform the operation within the same domain or its subdomains. You can test this easily in the browser console via the inspector.
Here is a useful link that addresses a similar problem:
Error: Permission denied to access property "document"