4 matches found
CVE-2020-36701
The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'processbulkaction' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authenticated users with author level...
CVE-2020-36701 Page Builder: KingComposer < 2.9.4 - Arbitrary File Upload
The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'processbulkaction' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authenticated users with author level...
CVE-2020-36701
The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'processbulkaction' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authenticated users with author level...
CVE-2020-36701
CVE-2020-36701 concerns the WordPress plugin Page Builder: KingComposer . The vulnerability is Arbitrary File Upload via the function process_bulk_action in kingcomposer/includes/kc.extensions.php , affecting versions up to and including 2.9.3 . authenticated users with author+ permissions can up...