You do not have permissionBrowser Info Environment
I hope you can help,
If it is the page, then the problem is somewhere within the setting of c5 permissions (looks like you have eliminated that possibility)
If it is the ajax load, then this has arisen because an encrypted security key passed through by the ajax call has failed validation. This uses the concrete5 encryption helper, so is subject to any encryption lifespan limitations the c5 helper imposes (or your php environment imposes as this probably goes all the way back to the php environment). If the page is cached, maybe the cache lifespan is greater than the encryption lifespan.
By logging in and saving, you cleared the cache for the page. Hence the encrypted token has been regenerated.
It could also be a one off corruption of the security key. In which case just keep an eye on it for a while and see if the issue repeats.
If it does repeat, please open a support request and post the content of the ajax network request post data (from the browser developer console).
I have just uploaded a minor revision that I needed to integrate with another addon (a small change to the data in the events fired by the ajax handler). While doing this, I also changed the details of one of the error messages to provide clearer diagnostics should your glitch recur.
Your explanation made perfect sense.