Colibri Page Builder Security Vulnerabilities and Issues — Colibri Page Builder CVE List

Lucene search

ExtendthemesColibri Page Builder

3 matches found

CVE•added 2024/02/23 11:15 a.m.•108 views

CVE-2024-1361

The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the apiCall() function. This makes it possible for unauthenticated attackers to call a limited set of func...

4.3CVSS5.2AI score0.00092EPSS

CVE•added 2024/02/23 11:15 a.m.•72 views

CVE-2024-1362

The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the cp_shortcode_refresh() function. This makes it possible for unauthenticated attackers to execute arbit...

4.3CVSS5.8AI score0.00092EPSS

CVE•added 2024/03/09 10:15 a.m.•48 views

CVE-2024-1870

The Colibri Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callActivateLicenseEndpoint function in all versions up to, and including, 1.0.260. This makes it possible for authenticated attackers, with subscriber access or...

4.3CVSS5.2AI score0.00073EPSS