2 matches found
CVE-2024-1362
The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the cpshortcoderefresh function. This makes it possible for unauthenticated attackers to execute arbitra...
CVE-2024-1362
CVE-2024-1362 affects the Colibri Page Builder plugin for WordPress. Public disclosures and vendor data indicate a Cross-Site Request Forgery (CSRF) flaw caused by missing or incorrect nonce validation in the cp_shortcode_refresh() function, enabling unauthenticated attackers to trigger shortcode...