Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 24 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-2509 Page Builder: Pagelayer <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget Custom Attributes softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 6.4 2026-04-08 13:26:00 Deep Dive
CVE-2026-39469 WordPress PageLayer plugin <= 2.0.8 - Sensitive Data Exposure vulnerability SoftaculousPageLayer--2026-04-08 08:30:08 Deep Dive
CVE-2026-2442 Pagelayer <= 2.0.7 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email' softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 5.3 2026-03-28 09:27:10 Deep Dive
CVE-2025-12366 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.5 - Authenticated (Author+) Insecure Direct Object Reference softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 4.3 2025-11-13 03:27:37 Deep Dive
CVE-2025-4223 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.0 - Reflected Cross-Site Scripting via login_url Parameter softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 4.7 2025-05-24 04:25:19 Deep Dive
CVE-2024-13427 Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Link softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 6.4 2025-05-24 01:41:10 Deep Dive
CVE-2024-8618 Page Builder: Pagelayer < 1.9.0- Admin+ Stored XSS UnknownPage Builder: Pagelayer--2025-05-15 20:07:17 Deep Dive
CVE-2024-8426 Pagelayer < 1.8.8 - Admin+ Stored XSS UnknownPage Builder: Pagelayer--2025-05-15 20:07:16 Deep Dive
CVE-2025-2104 Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.9 - Missing Authorization to Authenticated (Contributor+) Post Publication softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 4.3 2025-03-13 04:21:05 Deep Dive
CVE-2024-13430 Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Authenticated (Contributor+) Private Post Disclosure in pagelayer_builder_posts_shortcode softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 4.3 2025-03-12 08:21:37 Deep Dive
CVE-2025-1926 Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.8 - Cross-Site Request Forgery (CSRF) To Post Contents Modification softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 4.3 2025-03-10 04:21:11 Deep Dive
CVE-2025-24573 WordPress Pagelayer plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability SoftaculousPageLayer Medium 6.5 2025-01-24 17:24:24 Deep Dive
CVE-2023-49196 WordPress Pagelayer plugin <= 1.7.7 - Broken Access Control vulnerability SoftaculousPageLayer Medium 4.3 2024-12-09 11:30:17 Deep Dive
CVE-2024-43972 WordPress Page Builder: Pagelayer – Drag and Drop website builder plugin <= 1.8.7 - Cross Site Scripting (XSS) vulnerability Pagelayer TeamPageLayer Medium 5.9 2024-09-17 23:30:56 Deep Dive
CVE-2024-30465 WordPress PageLayer plugin <= 1.8.1 - Broken Access Control vulnerability Pagelayer TeamPageLayer Medium 6.5 2024-06-09 10:42:29 Deep Dive
CVE-2024-31383 WordPress PopularFX theme <= 1.2.4 - Cross Site Request Forgery (CSRF) vulnerability PagelayerPopularFX Medium 4.3 2024-04-15 10:14:48 Deep Dive
CVE-2024-2504 Page Builder: Pagelayer – Drag and Drop website builder <= 1.8.4 - Authenticated(Contributor+) Stored Cross-Site Scripting via custom attributes softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 6.4 2024-04-09 18:59:21 Deep Dive
CVE-2024-2127 Page Builder: Pagelayer – Drag and Drop website builder <= 1.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 6.4 2024-03-07 19:33:05 Deep Dive
CVE-2023-7115 PageLayer < 1.8.1 - Admin+ Stored XSS UnknownPage Builder: Pagelayer 中危 -2024-02-27 08:30:28 Deep Dive
CVE-2024-1590 Page Builder: Pagelayer – Drag and Drop website builder <= 1.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button softaculousPage Builder: Pagelayer – Drag and Drop website builder Medium 4.6 2024-02-23 09:32:38 Deep Dive