← volver
CVE-2024-8426

Pagelayer < 1.8.8 - Admin+ Stored XSS

CVSS 4.8 MEDIUMEPSS 0.3%
The Page Builder: Pagelayer WordPress plugin before 1.8.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Productos afectados
Unknown · Page Builder: Pagelayer

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/f81b7478-c775-45ff-bbb8-d13c3f58acc6/