CVE-2025-14071
The Live Composer – Free WordPress Website Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.2 via deserialization of untrusted input in the dslcmodulepostsoutput shortcode. This makes it possible for authenticated attackers, with...