cleantalk
Vulnerabilities and Security Researches

Page Builder: Pagelayer – Drag and Drop website builder, 798fe899223d5728f117e7d01b13ea4115a359b9

CVE, Research URL

798fe899223d5728f117e7d01b13ea4115a359b9

Home page URL

Security reports for Page Builder: Pagelayer – Drag and Drop website builder

Application

Page Builder: Pagelayer – Drag and Drop website builder

Published on
Sep 14, 2023
Research Description
Page Builder: Pagelayer &#8211; Drag and Drop website builder [pagelayer] < 1.7.7 WordPress PageLayer Plugin < 1.7.7 is vulnerable to Cross Site Scripting (XSS) Update the WordPress PageLayer plugin to the latest available version (at least 1.7.7). Unknown discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress PageLayer Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.7.7.
Affected versions
max 1.7.7.
Status
vulnerable
Previous vulnerability researches
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2025-24573) , Jan 26, 2025
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2026-3297) , Jun 13, 2026
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2026-2470) , Jun 13, 2026
Page Builder: Pagelayer &#8211; Drag and Drop website builder (034ff0255a06b02d7a3099c8b62052121c06a6b8) , Jun 16, 2026
Page Builder: Pagelayer &#8211; Drag and Drop website builder (798fe899223d5728f117e7d01b13ea4115a359b9) , Jun 16, 2026
New vulnerability
Advanced 301 and 302 Redirect (CVE-2026-49067) , Jun 18, 2026
Abandoned Contact Form 7 (CVE-2026-9187) , Jun 18, 2026
ABC Crypto Checkout (CVE-2026-52695) , Jun 18, 2026
WordPress File Sharing Plugin (CVE-2026-10093) , Jun 18, 2026
Gallery Plugin for WordPress &#8211; Envira Photo Gallery (CVE-2026-54190) , Jun 18, 2026