PageLayer
Softaculous
Developer
2.0.6
Latest version
400,000
Installations
6 days ago
Last updated
Vulnerability history
0 present
22 fixed
6 Mitigation rules
- Authenticated (Author+) Insecure Direct Object Reference vulnerability<= 2.0.56 days ago
- Reflected Cross-Site Scripting via login_url Parameter vulnerability<= 2.0.0May 23, 2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via Button Link vulnerability<= 2.0.0May 23, 2025
- Admin+ Stored XSS vulnerability< 1.9.0May 19, 2025
- Missing Authorization to Authenticated (Contributor+) Post Publication vulnerability<= 1.9.8Mar 12, 2025
- Authenticated (Contributor+) Private Post Disclosure in pagelayer_builder_posts_shortcode vulnerability<= 1.9.8Mar 11, 2025
- Cross-Site Request Forgery (CSRF) To Post Contents Modification vulnerability<= 1.9.8Mar 10, 2025
- Cross Site Scripting (XSS) vulnerability<= 1.9.4Jan 24, 2025
- Cross Site Scripting (XSS) vulnerability<= 1.8.7Aug 28, 2024
- Broken Access Control vulnerability<= 1.8.1Mar 28, 2024
- Authenticated(Contributor+) Stored Cross-Site Scripting via custom attributes vulnerability<= 1.8.4Mar 22, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Attributes vulnerability<= 1.8.3Mar 7, 2024
- Admin+ Stored XSS vulnerability< 1.8.1Feb 27, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Button vulnerability<= 1.8.2Feb 23, 2024
- Author+ Stored XSS vulnerability<= 1.7.9Jan 31, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via meta fields vulnerability<= 1.7.8Jan 31, 2024
- Broken Access Control vulnerability<= 1.7.7Dec 1, 2023
- Author+ Stored XSS vulnerability< 1.7.8Oct 17, 2023
- Unauthenticated Stored XSS vulnerability< 1.7.7Oct 17, 2023
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability< 1.7.7Sep 14, 2023
- Reflected Cross-Site Scripting (XSS) vulnerability<= 1.3.4Dec 10, 2020
- Unprotected AJAX and Nonce Disclosure to Stored Cross-Site Scripting (XSS)<= 1.1.1May 28, 2020