CVE-2020-35944
The CVE refers to the WordPress PageLayer plugin (versions before 1.1.2). The underlying issue is CSRF in the pagelayer_settings_page function, which can lead to stored or reflected XSS as noted in multiple sources. Affected product: PageLayer WordPress plugin; vulnerable component: pagelayer_set...