๐Ÿ” CVE Alert

CVE-2024-31933

MEDIUM 5.4

WordPress Page Builder: Live Composer plugin <= 1.5.35 - Cross Site Request Forgery (CSRF) vulnerability

CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
0th

Cross-Site Request Forgery (CSRF) vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.35.

CWE CWE-352
Vendor live composer team
Product page builder: live composer
Published Apr 15, 2024
Last Updated Apr 28, 2026
Stay Ahead of the Next One

Get instant alerts for live composer team page builder: live composer

Be the first to know when new medium vulnerabilities affecting live composer team page builder: live composer are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Affected Versions

Live Composer Team / Page Builder: Live Composer
n/a โ‰ค 1.5.35

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
patchstack.com: https://patchstack.com/database/vulnerability/live-composer-page-builder/wordpress-page-builder-live-composer-plugin-1-5-35-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Credits

Brandon Roldan (Patchstack Alliance)