2 matches found
EUVD-2020-24142
Malware in sbrugna...
CVE-2020-36700 Page Builder: KingComposer < 2.9.4 - Authorization Bypass due to Improper Access Control
The Page Builder: KingComposer plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 2.9.3. This is due to a security nonce being leaked in the '/wp-admin/index.php' page. This makes it possible for authenticated attackers to change arbitrary WordPress...