cleantalk
Vulnerabilities and Security Researches

Page Builder: Pagelayer – Drag and Drop website builder, 8d500d20-4ac0-48b1-8529-3f07aadb1288

CVE, Research URL

8d500d20-4ac0-48b1-8529-3f07aadb1288

Home page URL

Security reports for Page Builder: Pagelayer – Drag and Drop website builder

Application

Page Builder: Pagelayer – Drag and Drop website builder

Published on
-
Research Description
Page Builder: Pagelayer &#8211; Drag and Drop website builder [pagelayer] < 1.3.5 Pagelayer &lt; 1.3.5 - Multiple Reflected Cross-Site Scripting (XSS) Multiple Cross-Site Scripting issues, via the font-size and color parameters of the Website Settings, were fixed in v1.3.5 of the plugin
Affected versions
max 1.3.5.
Status
vulnerable
Previous vulnerability researches
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2025-24573) , Jan 26, 2025
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2026-3297) , Jun 13, 2026
Page Builder: Pagelayer &#8211; Drag and Drop website builder (CVE-2026-2470) , Jun 13, 2026
Page Builder: Pagelayer &#8211; Drag and Drop website builder (034ff0255a06b02d7a3099c8b62052121c06a6b8) , Jun 16, 2026
Page Builder: Pagelayer &#8211; Drag and Drop website builder (798fe899223d5728f117e7d01b13ea4115a359b9) , Jun 16, 2026
New vulnerability
Interactive Content – H5P (CVE-2026-56006) , Jun 24, 2026
Transbank Webpay REST (CVE-2026-6858) , Jun 24, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2026-4610) , Jun 24, 2026
Paymob for WooCommerce (CVE-2026-56025) , Jun 24, 2026
Motors – Car Dealer, Classifieds &amp; Listing (CVE-2026-7859) , Jun 24, 2026