Unprotected AJAX and Nonce Disclosure to Stored Cross-Site Scripting (XSS) discovered by WordFence in WordPress PageLayer – Drag and Drop website builder plugin (versions <= 1.1.1).
Update the WordPress PageLayer – Drag and Drop website builder plugin to the latest available version (at least 1.1.2).