91 matches found
WordPress KingComposer plugin <= 2.9.2 - Arbitrary Files/Folders Deletion vulnerability
Arbitrary Files/Folders Deletion vulnerability discovered by NinTechNet in WordPress KingComposer plugin versions = 2.9.2. Solution Update the WordPress KingComposer plugin to the latest available version at least 2.9.4...
WordPress KingComposer plugin <= 2.9.2 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by NinTechNet in WordPress KingComposer plugin versions = 2.9.2. Solution Update the WordPress KingComposer plugin to the latest available version at least 2.9.4...
WordPress KingComposer plugin <= 2.9.2 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by NinTechNet in WordPress KingComposer plugin versions = 2.9.2. Solution Update the WordPress KingComposer plugin to the latest available version at least 2.9.4...
WordPress KingComposer Plugin < 2.8.1 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112558";...
CVE-2019-9910
The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?page=kc-mapper id XSS...
CVE-2019-9910
The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?page=kc-mapper id XSS...
Cross site scripting
The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?page=kc-mapper id XSS...
Kingcomposer Cross-Site Scripting Vulnerability
WordPress plugin KingComposer is a professional backend and frontend page builder plugin. A cross-site scripting vulnerability exists in the wp-admin/admin.php?page=kc-mapper page in version 2.7.6 of the WordPress kingcomposer plugin. A remote attacker can exploit the vulnerability to execute...
CVE-2019-9910
The CVE-2019-9910 entry concerns the WordPress KingComposer plugin, version 2.7.6, which is affected by a cross-site scripting (XSS) vulnerability via the wp-admin/admin.php?page=kc-mapper id parameter. Multiple connected sources corroborate the vulnerability in KingComposer 2.7.6 and describe it...
CVE-2019-9910
The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?page=kc-mapper id XSS...
WordPress KingComposer 2.7.6 Cross Site Scripting
Vulnerability: XSS Affected Software: KingComposer Affected Version: 2.7.6 Patched Version: none CVE: not requested Risk: Medium Vendor Contacted: 10/25/2018 Vendor Fix: none Public Disclosure: 02/05/2019 Credit: Tim Coen CVSS 6.1 Medium CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Overview The...