Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-0165

Disclosure Date: March 14, 2022 (last updated February 23, 2025)
The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0