Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
king-theme page builder kingcomposer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-36700
The Page Builder: KingComposer plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.9.3. This is due to a security nonce being leaked in the '/wp-admin/index.php' page. This makes it possible for authenticated malicious users to...
King-theme Page Builder Kingcomposer
NA
CVE-2020-36709
The Page Builder: KingComposer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via via shortcode in versions prior to 2.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated malicious users to inject arbitrary w...
King-theme Page Builder Kingcomposer
NA
CVE-2020-36701
The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'process_bulk_action' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authent...
King-theme Page Builder King Composer
516
VMScore
CVE-2022-0165
The Page Builder KingComposer WordPress plugin up to and including 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users
King-theme Kingcomposer
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started