Vulnerabilities > Extendthemes > Colibri Page Builder > 1.0.209
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-02 | CVE-2024-3337 | Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri_breadcrumb_element' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-05-02 | CVE-2024-3338 | Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt data parameter in all versions up to, and including, 1.0.262 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-05-02 | CVE-2024-3340 | Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri-gallery-slideshow' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-04-02 | CVE-2024-2839 | Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri_post_title' shortcode in all versions up to, and including, 1.0.263 due to insufficient input sanitization and output escaping on user supplied attributes such as 'heading_type'. | 5.4 |
| 2024-03-28 | CVE-2024-28004 | Unspecified vulnerability in Extendthemes Colibri Page Builder Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.This issue affects Colibri Page Builder: from n/a through 1.0.248. | 4.3 |