CVE-2022-0165

Name of the Vulnerable Software and Affected Versions Page Builder KingComposer WordPress plugin versions 2.9.6 and earlier

Description The issue is related to the use of open redirection when handling the kc get thumbn parameter in the admin-ajax.php script of the Page Builder KingComposer WordPress plugin. This can allow a remote attacker to redirect a user to an arbitrary URL. The kc get thumbn AJAX action is available to both unauthenticated and authenticated users, and it does not validate the id parameter before redirecting the user to it.

Recommendations For Page Builder KingComposer WordPress plugin versions 2.9.6 and earlier, consider disabling the kc get thumbn AJAX action until a patch is available to prevent exploitation. Restrict access to the admin-ajax.php script to minimize the risk of redirection attacks. Avoid using the id parameter in the affected AJAX endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.