Lucene search
K

5 matches found

Patchstack
Patchstack
added 2023/10/17 12:0 a.m.11 views

WordPress PageLayer Plugin < 1.7.7 is vulnerable to Cross Site Scripting (XSS)

Software PageLayer Type Plugin Vulnerable versions 1.7.7 Fixed in 1.7.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4687 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a2e6d35b385c Credits Marc Montpas Required...

6.1CVSS5.6AI score0.00455EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2023/10/16 8:15 p.m.20 views

CVE-2023-4687

The Page Builder: Pagelayer WordPress plugin before 1.7.7 doesn't prevent unauthenticated attackers from updating a post's header or footer code on scheduled posts...

6.1CVSS6.5AI score0.00455EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/10/16 7:39 p.m.28 views

CVE-2023-4687 PageLayer < 1.7.7 - Unauthenticated Stored XSS

The Page Builder: Pagelayer WordPress plugin before 1.7.7 doesn't prevent unauthenticated attackers from updating a post's header or footer code on scheduled posts...

6.6AI score0.00455EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/10/16 7:39 p.m.7 views

CVE-2023-4687 PageLayer < 1.7.7 - Unauthenticated Stored XSS

The Page Builder: Pagelayer WordPress plugin before 1.7.7 doesn't prevent unauthenticated attackers from updating a post's header or footer code on scheduled posts...

7.1AI score0.00455EPSS
Exploits2References1
CVE
CVE
added 2023/10/16 7:39 p.m.74 views

CVE-2023-4687

The CVE-2023-4687 entry concerns the WordPress PageLayer (Pagelayer) plugin, specifically versions before 1.7.7. The affected component is the Header/Body/Footer code editor used on scheduled posts. Root cause per reports is lack of input protection, enabling unauthenticated attackers to update a...

6.1CVSS6.4AI score0.00455EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder