PT-2019-8535 · WordPress · Sitebuilder-Dynamic-Components

Published: 2019-09-10 · Updated: 2019-09-11 · CVE-2017-18604

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: sitebuilder-dynamic-components plugin through 1.0 for WordPress

Description: The issue concerns PHP object injection via an AJAX request. This allows for potential exploitation. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations: For sitebuilder-dynamic-components plugin through 1.0, update to a version later than 1.0 to resolve the issue. As a temporary workaround, consider restricting access to AJAX requests until a patch is available.

Exploit

Fix

Special Elements Injection

Deserialization of Untrusted Data

Weakness Enumeration

Related Identifiers

CVE-2017-18604

Affected Products

Sitebuilder-Dynamic-Components