8 matches found
CVE-2026-2470
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...
CVE-2026-2470 Pagelayer <= 2.0.9 - Incorrect Authorization to Authenticated (Contributor+) Mail Relay Configuration via 'contacts'
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...
EUVD-2026-36647
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 2.0.9. This is due to the pagelayersavecontent AJAX handler allowing users with basic post-edit capability to persist...
CVE-2026-2470
The CVE concerns the WordPress Page Builder: Pagelayer plugin (
PT-2026-49084
Name of the Vulnerable Software and Affected Versions Page Builder: Pagelayer versions prior to 2.1.0 Description Incorrect Authorization exists in the Page Builder: Pagelayer plugin. The pagelayer save content AJAX handler allows users with basic post-edit capabilities to persist pagelayer conta...
Nagios XI 'Contact Templates' Cross-Site Scripting Vulnerability
Nagios XI is an IT infrastructure monitoring solution. The solution supports monitoring and alerting of applications, services, operating systems and more. Nagios XI 'Contact Templates' Cross-Site Scripting Vulnerability. The vulnerability can be exploited to execute arbitrary script code in the...
Nagios XI 5.7.3 Cross Site Scripting
Exploit Title: Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...
Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting
Exploit Title: Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...