Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
king-theme page builder kingcomposer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-36700
The Page Builder: KingComposer plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.9.3. This is due to a security nonce being leaked in the '/wp-admin/index.php' page. This makes it possible for authenticated malicious users to...
King-theme Page Builder Kingcomposer
NA
CVE-2020-36709
The Page Builder: KingComposer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via via shortcode in versions prior to 2.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated malicious users to inject arbitrary w...
King-theme Page Builder Kingcomposer
NA
CVE-2020-36701
The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'process_bulk_action' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authent...
King-theme Page Builder King Composer
516
VMScore
CVE-2022-0165
The Page Builder KingComposer WordPress plugin up to and including 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users
King-theme Kingcomposer
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started