Vulnerabilities > Pagelayer > Pagelayer > 1.8.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-12 | CVE-2024-13430 | Improper Access Control vulnerability in Pagelayer The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.8 via the 'pagelayer_builder_posts_shortcode' function due to insufficient restrictions on which posts can be included. | 4.3 |
| 2024-09-18 | CVE-2024-43972 | Cross-site Scripting vulnerability in Pagelayer Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pagelayer Team PageLayer allows Stored XSS.This issue affects PageLayer: from n/a through 1.8.7. | 4.8 |