PT-2025-22826 · WordPress · Pagelayer

Name of the Vulnerable Software and Affected Versions: The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress versions prior to 2.0.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Button widget due to insufficient input sanitization an...

PT-2025-9158 · WordPress · The Page Builder By Siteorigin

Name of the Vulnerable Software and Affected Versions: The Page Builder by SiteOrigin plugin for WordPress versions up to, and including, 2.31.4 Description: The issue is related to Stored Cross-Site Scripting via the Embedded VideoPB widget due to insufficient input sanitization and output...

PT-2024-18122 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.9 Description: The issue is related to Stored Cross-Site Scripting via the plugin's event calendar widget due to insufficient input sanitization and...

PT-2024-20776 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.2.0 through 7.3.6 Liferay DXP 7.3 before service pack 3 Liferay DXP 7.2 before fix pack 13 Description: The Document and Media widget in Liferay Portal does not limit resource consumption when generating a preview...