Browse all 3 CVE security advisories affecting Pagelayer Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Pagelayer Team develops a WordPress page builder plugin enabling visual website creation. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with three CVEs currently documented. Security assessments indicate that input validation weaknesses and insufficient access controls have been recurring problems. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests potential risks for users who fail to maintain timely updates. The team's security posture appears reactive rather than preventive, with patches typically released after vulnerabilities are disclosed.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-49196 | WordPress Pagelayer plugin <= 1.7.7 - Broken Access Control vulnerability — PageLayerCWE-862 | 4.3 | Medium | 2024-12-09 |
| CVE-2024-43972 | WordPress Page Builder: Pagelayer – Drag and Drop website builder plugin <= 1.8.7 - Cross Site Scripting (XSS) vulnerability — PageLayerCWE-79 | 5.9 | Medium | 2024-09-17 |
| CVE-2024-30465 | WordPress PageLayer plugin <= 1.8.1 - Broken Access Control vulnerability — PageLayerCWE-862 | 6.5 | Medium | 2024-06-09 |
This page lists every published CVE security advisory associated with Pagelayer Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.