CVE-2023-5124

Name of the Vulnerable Software and Affected Versions The Page Builder: Pagelayer WordPress plugin versions prior to 1.8.0

Description The issue allows attackers with administrator privileges to insert malicious JavaScript inside a post's header or footer code, even when unfiltered html is disallowed, such as in multi-site WordPress configurations.

Recommendations For versions prior to 1.8.0, update to version 1.8.0 or later to resolve the issue. As a temporary workaround, consider restricting administrator privileges or monitoring post header and footer code for malicious JavaScript until the update is applied.