CVSS 3.1 Score 4.8 of 10 (medium)


Published Jan 29, 2024
Updated: Feb 5, 2024


CVE-2023-5124 is a vulnerability found in the Page Builder: Pagelayer WordPress plugin before version 1.8.0. This vulnerability allows attackers with administrator privileges to insert malicious JavaScript into a post's header or footer code, even when unfiltered_html is disallowed in multi-site WordPress configurations. The vulnerability affects various products, including WordPress versions t0TPt3, t0TPt2, t0TPt1, and others. To remediate the issue, users should update their Page Builder: Pagelayer plugin to version 1.8.0 or later. The potential danger posed by this vulnerability is considered medium, with a base severity score of 4.8 out of 10 according to NIST's analysis.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5124 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options