Page Builder: Pagelayer WordPress Plugin Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress, affecting all versions through 1.9.8. The vulnerability arises from inadequate nonce validation in the 'pagelayer_save_post' function, allowing unauthenticated attackers to alter post content by sending a forged request, provided they can persuade a site administrator to click a link or perform a similar action.

Impact

Exploitation of this vulnerability allows for unauthorized modification of post contents on behalf of an administrator.

Reproduction

To reproduce this vulnerability, an attacker must exploit the lack of proper nonce validation in the 'pagelayer_save_post' function. This can be done by sending a forged request to the server that includes the 'pagelayer_header_code', 'pagelayer_body_open_code', or 'pagelayer_footer_code' metadata fields. The request must be crafted to bypass the missing nonce validation and trick an administrator into executing it, such as by clicking a link.

Remediation

Users are advised to update the Page Builder: Pagelayer WordPress plugin to version 1.9.9 or later.