Update the WordPress Kadence WooCommerce Email Designer plugin to the latest available version (at least 1.5.7).
Nguyen Duy Quoc Khanh discovered and reported this PHP Object Injection vulnerability in WordPress Kadence WooCommerce Email Designer Plugin. This could allow a malicious actor to execute code injection, SQL injection, path traversal, denial of service, and more. This could allow a malicious actor to take-over a website. This vulnerability has been fixed in version 1.5.7.