sitebuilder dynamic components vulnerabilities and exploits

5
CVSSv2
CVE-2017-18604

The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request....