Lucene search
PatchstackCVELIST:CVE-2023-52206HistoryJan 08, 2024 - 7:32 p.m.
CVE-2023-52206 WordPress Page Builder: Live Composer Plugin <= 1.5.25 is vulnerable to PHP Object Injection
2024-01-0819:32:07
CWE-502
Patchstack
www.cve.org
wordpress
live composer
plugin
vulnerable
php object injection
deserialization
untrusted data
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
0.001 Low
EPSS
Percentile
20.7%
Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer live-composer-page-builder.This issue affects Page Builder: Live Composer: from n/a through 1.5.25.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "live-composer-page-builder",
"product": "Page Builder: Live Composer",
"vendor": "Live Composer Team",
"versions": [
{
"lessThanOrEqual": "1.5.25",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-52206
2024-01-08 20:15:45
cve
cve
CVE-2023-52206
2024-01-08 20:15:45
wpvulndb
wpvulndb
Page Builder: Live Composer < 1.5.29 - Author+ PHP Object Injection
2024-01-12 00:00:00
prion
prion
Deserialization of untrusted data
2024-01-08 20:15:00
wordfence
wordfence
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
0.001 Low
EPSS
Percentile
20.7%
Related for CVELIST:CVE-2023-52206