Researchers have uncovered two severe vulnerabilities in the PageLayer WordPress plugin that could allow hackers to hijack websites that employ its design features.

The affected plugin is used to build custom web pages via a simple drag-and-drop mechanism – a boon for users without programming expertise – and is deployed across more than 200,000 websites.

Source Article