Cross-Site Request Forgery (CSRF) vulnerability in Pagelayer PopularFX.This issue affects PopularFX: from n/a through...
4.3CVSS
7.5AI Score
0.0004EPSS
6.1CVSS
6.1AI Score
0.001EPSS
6.1CVSS
6.2AI Score
0.001EPSS
An issue was discovered in the PageLayer plugin before 1.1.2 for WordPress. The pagelayer_settings_page function is vulnerable to CSRF, which can lead to...
8.8CVSS
6.7AI Score
0.002EPSS
An issue was discovered in the PageLayer plugin before 1.1.2 for WordPress. Nearly all of the AJAX action endpoints lacked permission checks, allowing these actions to be executed by anyone authenticated on the site. This happened because nonces were used as a means of authorization, but a nonce...
7.4CVSS
7.1AI Score
0.001EPSS