Browse all 4 CVE security advisories affecting LiveComposer. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LiveComposer is a WordPress page builder plugin enabling drag-and-drop website design. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin has four CVEs on record, with some allowing unauthenticated attackers to execute arbitrary code or manipulate site content. Security researchers have identified consistent patterns in its vulnerabilities, often stemming from insufficient input validation and improper capability checks. While no major public incidents have been widely documented, the accumulation of CVEs indicates ongoing security challenges that require careful implementation and regular updates by users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68598 | WordPress Page Builder: Live Composer plugin <= 2.1.13 - Cross Site Scripting (XSS) vulnerability — Page Builder: Live Composer (CWE-79) | 6.5 | Medium | 2025-12-24 |
| CVE-2025-14071 | Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) PHP Object Injection via dslc_module_posts_output Shortcode — Live Composer – Free WordPress Website Builder (CWE-502) | 7.5 | High | 2025-12-21 |
| CVE-2025-13537 | Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — Live Composer – Free WordPress Website Builder (CWE-79) | 6.4 | Medium | 2025-12-17 |
| CVE-2024-35768 | WordPress Page Builder: Live Composer plugin <= 2.1.11 - Cross Site Scripting (XSS) vulnerability — Page Builder: Live Composer (CWE-79) | 5.9 | Medium | 2024-06-21 |
This page lists every published CVE security advisory associated with LiveComposer. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.