Vulnerability Discovered in KingComposer Page Builder Plugin <= 2.9.2
https://blog.nintechnet.comKingComposer Page Builder WordPress plugin has 100,000+ active installations and is a popular page builder plugin on WordPress. In versions prior to 2.9.2, there are multiple vulnerabilities that allow attackers to authenticated WordPress options change, content injection, stored XSS, arbitrary file deletion and remote code execution among other issues.
The issue has been fixed in Version 2.9.4 which is available now from the WordPress Plugin Repo.