logoWordPressPluginsThemesAPISubmitContact
search-icon
logo
search-icon
WordPressPluginsThemesAPISubmitContactSecurity Scanner
Register

Pagelayer < 1.3.5 - Multiple Reflected Cross-Site Scripting (XSS)

Description

Multiple Cross-Site Scripting issues, via the font-size and color parameters of the Website Settings, were fixed in v1.3.5 of the plugin

Affects Plugins

pagelayer

Fixed in version 1.3.5

References

URL

https://www.wordfence.com/blog/2020/12/reflected-xss-in-pagelayer-plugin-affects-over-200000-wordpress-sites/

URL

https://plugins.trac.wordpress.org/changeset/2415325/pagelayer

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Original Researcher

Ram Gall (Wordfence)

Verified

No

WPVDB ID

8d500d20-4ac0-48b1-8529-3f07aadb1288

Timeline

Publicly Published

2020-12-10 (about 9 months ago)

Added

2020-12-10 (about 9 months ago)

Last Updated

2020-12-11 (about 9 months ago)

Our Other Services

WPScan WordPress Security Plugin