Vulnerabilities > Extendthemes > Colibri Page Builder > 1.0.229
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-11 | CVE-2023-6988 | Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder 1.0.227/1.0.229 The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's extend_builder_render_js shortcode in all versions up to, and including, 1.0.239 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2023-12-21 | CVE-2023-50833 | Cross-site Scripting vulnerability in Extendthemes Colibri Page Builder 1.0.227/1.0.229 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through 1.0.239. | 5.4 |