Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/05/19 3:7 a.m.9 views

WordPress Page Builder: Pagelayer plugin < 1.9.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin PageLayer versions 1.9.0...

4.8CVSS6.1AI score0.00315EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.8 views

CVE-2024-8618 Page Builder: Pagelayer < 1.9.0- Admin+ Stored XSS

The Page Builder: Pagelayer WordPress plugin before 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.7AI score0.00315EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.15 views

CVE-2024-8618 Page Builder: Pagelayer < 1.9.0- Admin+ Stored XSS

The Page Builder: Pagelayer WordPress plugin before 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00315EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.40 views

CVE-2024-8618

The CVE-2024-8618 entry concerns the Page Builder: Pagelayer WordPress plugin. The vulnerability affects versions prior to 1.9.0 and stems from insufficient sanitisation/escaping of certain settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowe...

4.8CVSS5.7AI score0.00315EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder