Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pagelayer pagelayer vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-36383
PageLayer prior to 1.3.5 allows reflected XSS via the font-size parameter.
Pagelayer Pagelayer
NA
CVE-2023-6738
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pagelayer_header_code', 'pagelayer_body_open_code', and 'pagelayer_footer_code' meta fields in all versions u...
Pagelayer Pagelayer
NA
CVE-2023-4687
The Page Builder: Pagelayer WordPress plugin prior to 1.7.7 doesn't prevent unauthenticated attackers from updating a post's header or footer code on scheduled posts.
Pagelayer Pagelayer
6.5
CVSSv2
CVE-2020-35947
An issue exists in the PageLayer plugin prior to 1.1.2 for WordPress. Nearly all of the AJAX action endpoints lacked permission checks, allowing these actions to be executed by anyone authenticated on the site. This happened because nonces were used as a means of authorization, b...
Pagelayer Pagelayer
6.8
CVSSv2
CVE-2020-35944
An issue exists in the PageLayer plugin prior to 1.1.2 for WordPress. The pagelayer_settings_page function is vulnerable to CSRF, which can lead to XSS.
Pagelayer Pagelayer
4.3
CVSSv2
CVE-2020-36384
PageLayer prior to 1.3.5 allows reflected XSS via color settings.
Pagelayer Pagelayer
NA
CVE-2023-5087
The Page Builder: Pagelayer WordPress plugin prior to 1.7.8 doesn't prevent attackers with author privileges and higher from inserting malicious JavaScript inside a post's header or footer code.
Pagelayer Pagelayer
NA
CVE-2023-5124
The Page Builder: Pagelayer WordPress plugin prior to 1.8.0 doesn't prevent attackers with administrator privileges from inserting malicious JavaScript inside a post's header or footer code, even when unfiltered_html is disallowed, such as in multi-site WordPress config...
Pagelayer Pagelayer
NA
CVE-2024-31383
Cross-Site Request Forgery (CSRF) vulnerability in Pagelayer PopularFX.This issue affects PopularFX: from n/a up to and including 1.2.4.
NA
CVE-2023-7115
The Page Builder: Pagelayer WordPress plugin prior to 1.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example i...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »