KingComposer < 2.9.4 - Multiple Critical Issues



Description
Jerome Bruandet, from nintechnet, discovered multiple issues such as authenticated WordPress options change, content injection, stored Cross-Site Scripting (XSS), arbitrary file deletion and remote code execution.

Affects Plugin

References

URL https://blog.nintechnet.com/wordpress-kingcomposer-page-builder-fixed-multiple-critical-vulnerabilities/

Classification

Type MULTI

Miscellaneous

Original Researcher Jerome Bruandet (nintechnet)
Views 1270
Verified No
WPVDB ID 10270

Timeline

Publicly Published 2020-06-15 (about 1 month ago)
Added 2020-06-15 (about 1 month ago)
Last Updated 2020-06-16 (30 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin