Arbitrary File Upload Vulnerability in KingComposer Plugin for WordPress
CVE-2020-36701

8.8HIGH

Key Information:

Vendor: Wordpress
Status: Page Builder: Kingcomposer – Free Drag And Drop Page Builder By King-theme
Vendor: CVE Published:; 7 June 2023

Summary

The KingComposer plugin for WordPress, versions up to and including 2.9.3, contains a vulnerability that allows authenticated users with author level permissions and higher to upload arbitrary files. This occurs through the 'process_bulk_action' function located in 'kingcomposer/includes/kc.extensions.php'. Such file uploads pose a significant risk as they can potentially lead to remote code execution on the server, compromising the integrity and security of the website.

Affected Version(s)

Page Builder: KingComposer – Free Drag and Drop page builder by King-Theme * <= 2.9.3

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://blog.nintechnet.com/wordpress-kingcomposer-page-b...

https://wordpress.org/plugins/kingcomposer/#developers

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 7, 2023
Vulnerability Reserved
Jun 6, 2023

Credit

Jerome Bruandet