Lucene search
K

285 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.6 views

CVE-2024-2504

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'attr' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.8AI score0.00429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.12 views

CVE-2024-2127

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom attributes in all versions up to, and including, 1.8.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.00344EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.6 views

WordPress Pagelayer plugin < 1.8.8 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Jeewan Kumar Bhatta in WordPress Plugin PageLayer versions 1.8.8...

4.8CVSS5.9AI score0.00266EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/14 4:6 a.m.6 views

CVE-2025-12366

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.5 via the pagelayerreplacepage function due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS5.5AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2025/11/13 4:15 a.m.10 views

CVE-2025-12366

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.5 via the pagelayerreplacepage function due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS0.00232EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/13 3:27 a.m.4 views

CVE-2025-12366 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.5 - Authenticated (Author+) Insecure Direct Object Reference

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.5 via the pagelayerreplacepage function due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS5.1AI score0.00232EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/13 3:27 a.m.5 views

EUVD-2025-150410

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.5 via the pagelayerreplacepage function due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS5AI score0.00232EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/13 3:27 a.m.8 views

CVE-2025-12366 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.5 - Authenticated (Author+) Insecure Direct Object Reference

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.5 via the pagelayerreplacepage function due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS0.00232EPSS
Exploits0References3
CVE
CVE
added 2025/11/13 3:27 a.m.11 views

CVE-2025-12366

CVE-2025-12366: The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress has an Insecure Direct Object Reference in versions up to 2.0.5, caused by missing validation in pagelayer_replace_page. This authenticated vulnerability affects users with Author-level access and abo...

4.3CVSS5.1AI score0.00232EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.5 views

WordPress plugin Page Builder: Pagelayer – Drag and Drop website builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Page...

4.3CVSS6.3AI score0.00232EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.8 views

PT-2025-46778

Name of the Vulnerable Software and Affected Versions Page Builder: Pagelayer versions up to and including 2.0.5 Description The Page Builder: Pagelayer WordPress plugin has an Insecure Direct Object Reference issue. This is due to a lack of validation on a user-controlled key within the pagelaye...

4.3CVSS6.2AI score0.00232EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/11/12 11:24 p.m.7 views

WordPress Page Builder: Pagelayer – Drag and Drop website builder plugin <= 2.0.5 - Authenticated (Author+) Insecure Direct Object Reference vulnerability

Authenticated Author+ Insecure Direct Object Reference vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin PageLayer versions = 2.0.5...

4.3CVSS6.7AI score0.00232EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-23527

Malware in sbrugna...

8.8CVSS8.5AI score0.00773EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-23915

Malware in sbrugna...

6.1CVSS6.3AI score0.00827EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-23914

Malware in sbrugna...

6.1CVSS6.3AI score0.00827EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2020-23530

Malware in sbrugna...

7.4CVSS7.3AI score0.01089EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2024-27091

Malicious code in bioql PyPI...

6.4CVSS7.2AI score0.00344EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-53201

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00429EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-7435

Malicious code in bioql PyPI...

4.3CVSS9.1AI score0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-15226

Malicious code in bioql PyPI...

4.8CVSS5.4AI score0.00315EPSS
Exploits1References3
Rows per page
Query Builder