3 matches found
CVE-2025-4223
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘loginurl’ parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-4223 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.0 - Reflected Cross-Site Scripting via login_url Parameter
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘loginurl’ parameter in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Pagelayer plugin <= 2.0.0 - Reflected Cross-Site Scripting via login_url Parameter vulnerability
Reflected Cross-Site Scripting via loginurl Parameter vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin PageLayer versions = 2.0.0...