CVE-2020-36700 : What You Need to Know

The Page Builder: KingComposer plugin for WordPress is vulnerable to an authorization bypass, allowing attackers to perform malicious actions.

Understanding CVE-2020-36700

The vulnerability in the KingComposer plugin allows authenticated attackers to manipulate WordPress settings and content.

What is CVE-2020-36700?

The Page Builder: KingComposer plugin for WordPress is susceptible to an authorization bypass vulnerability in versions up to 2.9.3. Attackers can exploit this flaw to perform unauthorized actions on the website.

The Impact of CVE-2020-36700

The vulnerability enables authenticated attackers to modify WordPress options, delete files/folders, and inject content, posing a significant security risk to affected websites.

Technical Details of CVE-2020-36700

The KingComposer plugin vulnerability has the following technical details:

Vulnerability Description

Security nonce leakage in the '/wp-admin/index.php' page
Allows authenticated attackers to change WordPress options, delete files/folders, and inject content

Affected Systems and Versions

Vendor: kingthemes
Product: Page Builder: KingComposer
Versions affected: Up to and including 2.9.3

Exploitation Mechanism

Attackers exploit the leaked security nonce in the '/wp-admin/index.php' page to bypass authorization and perform malicious actions

Mitigation and Prevention

To address CVE-2020-36700, follow these mitigation steps:

Immediate Steps to Take

Update the KingComposer plugin to version 2.9.4 or later
Monitor website activity for any unauthorized changes

Long-Term Security Practices

Regularly update all plugins and themes to the latest versions
Implement strong authentication mechanisms and access controls
Conduct security audits and penetration testing regularly

Patching and Updates

Apply security patches promptly
Stay informed about security vulnerabilities and updates from plugin developers