WordPress Plugin Vulnerabilities

PageLayer < 1.7.9 - Contributor+ Stored XSS

Description

The plugin is vulnerable to Stored Cross-Site Scripting via the 'pagelayer_header_code', 'pagelayer_body_open_code', and 'pagelayer_footer_code' meta fields due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This appears to be a reintroduction of a vulnerability patched in version 1.7.7.

Affects Plugins

Plugin icon
pagelayer
Fixed in 1.7.9

References

CVE
CVE-2023-6738
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/d14c8890-482c-4d43-a68f-0d04c4feca8f

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
5.9 (medium)

Miscellaneous

Original Researcher
Nex Team
Verified
No
WPVDB ID
a70c9748-1928-45f1-bab6-f256ac8f2ebc

Timeline

Publicly Published
2024-01-03 (about 2 years ago)
Added
2024-01-03 (about 2 years ago)
Last Updated
2024-01-03 (about 2 years ago)

Other

Published
Title
Published
2024-06-26
Title
Gutenberg Blocks with AI by Kadence WP – Page Builder Features < 3.2.43 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps Widget
Published
2024-04-15
Title
Easy Textillate <= 2.02 - Authenticated(Contributor+) Stored Cross-Site Scripting
Published
2024-12-20
Title
One Click Upsell Funnel for WooCommerce < 3.4.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode
Published
2025-08-15
Title
Soledad < 8.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'pcsml_smartlists_h'
Published
2025-05-02
Title
Theme Blvd Sliders <= 1.2.5 - Reflected Cross-Site Scripting