7 matches found
EUVD-2024-17334
Malicious code in bioql PyPI...
CVE-2024-13427
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button widget in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
PT-2025-22826 · WordPress · Pagelayer
Name of the Vulnerable Software and Affected Versions: The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress versions prior to 2.0.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Button widget due to insufficient input sanitization an...
CVE-2023-5087
The Page Builder: Pagelayer WordPress plugin before 1.7.8 doesn't prevent attackers with author privileges and higher from inserting malicious JavaScript inside a post's header or footer code...
PT-2025-21525 · WordPress · Pagelayer
Name of the Vulnerable Software and Affected Versions: Page Builder: Pagelayer versions prior to 1.9.0 Description: The issue concerns the Page Builder: Pagelayer WordPress plugin, where versions prior to 1.9.0 do not properly sanitise and escape some of its settings. This could allow...
CVE-2025-1926
The CVE concerns Page Builder: Pagelayer (WordPress) versions
PageLayer Cross-Site Scripting Vulnerability
PageLayer is a WordPress page builder plugin. It is very easy to use and lightweight on the browser. A cross-site scripting vulnerability exists in PageLayer, which stems from a lack of proper validation of client-side data in PageLayer prior to 1.3.5. An attacker can exploit this vulnerability t...