VYPR

Live Composer Page Builder

by Live Composer

Source repositories

CVEs (6)

  • CVE-2024-35780HigJun 19, 2024
    risk 0.48cvss 8.5epss 0.00

    Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.42.

  • CVE-2025-68598MedDec 24, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiveComposer Page Builder: Live Composer live-composer-page-builder allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through <= 2.1.13.

  • CVE-2025-14071HigDec 21, 2025
    risk 0.42cvss 7.5epss 0.01

    The Live Composer – Free WordPress Website Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.2 via deserialization of untrusted input in the dslc_module_posts_output shortcode. This makes it possible for authenticated…

  • CVE-2024-35768MedJun 21, 2024
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiveComposer Page Builder: Live Composer live-composer-page-builder allows DOM-Based XSS.This issue affects Page Builder: Live Composer: from n/a through <= 2.1.11.

  • CVE-2024-32957MedApr 26, 2024
    risk 0.31cvss 4.7epss 0.00

    Missing Authorization vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.38.

  • CVE-2024-35779Jun 21, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through 1.5.42.