Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Live Composer Team — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Live Composer Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The Live Composer Team develops WordPress page builders enabling visual website creation. Historically, their products have been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for their six recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper capability checks in their shortcode and dynamic content rendering systems. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their core functionality has established a reputation for security weaknesses that require immediate patching by users.

Top products by Live Composer Team: Page Builder: Live Composer
CVE IDTitleCVSSSeverityPublished
CVE-2024-35779 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Contributor+ Shortcode Cross Site Scripting (XSS) vulnerability — Page Builder: Live ComposerCWE-79 6.5 Medium2024-06-21
CVE-2024-35780 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Contributor+ PHP Object Injection vulnerability — Page Builder: Live ComposerCWE-502 8.5 High2024-06-19
CVE-2024-32957 WordPress Page Builder: Live Composer plugin <= 1.5.38 - Broken Access Control vulnerability — Page Builder: Live ComposerCWE-862 4.7 Medium2024-04-26
CVE-2024-31933 WordPress Page Builder: Live Composer plugin <= 1.5.35 - Cross Site Request Forgery (CSRF) vulnerability — Page Builder: Live ComposerCWE-352 5.4 Medium2024-04-15
CVE-2023-52193 WordPress Page Builder: Live Composer Plugin <= 1.5.23 is vulnerable to Cross Site Scripting (XSS) — Page Builder: Live ComposerCWE-79 6.5 Medium2024-02-01
CVE-2023-52206 WordPress Page Builder: Live Composer Plugin <= 1.5.25 is vulnerable to PHP Object Injection — Page Builder: Live ComposerCWE-502 7.7 High2024-01-08

This page lists every published CVE security advisory associated with Live Composer Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.