All the vulnerabilites related to ExtendThemes - Colibri Page Builder
cve-2024-28004
Vulnerability from cvelistv5
Published
2024-03-28 05:51
Modified
2024-08-11 14:01
Severity ?
EPSS score ?
Summary
Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.This issue affects Colibri Page Builder: from n/a through 1.0.248.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | ExtendThemes | Colibri Page Builder |
Version: n/a < |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T00:41:55.957Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://patchstack.com/database/vulnerability/colibri-page-builder/wordpress-colibri-page-builder-plugin-1-0-248-broken-access-control-vulnerability?_s_id=cve" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:extendthemes:colibri_page_builder:*:*:*:*:*:wordpress:*:*" ], "defaultStatus": "unaffected", "product": "colibri_page_builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.248", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-28004", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-10T19:42:23.399976Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-11T14:01:46.964Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "colibri-page-builder", "product": "Colibri Page Builder", "vendor": "ExtendThemes", "versions": [ { "changes": [ { "at": "1.0.249", "status": "unaffected" } ], "lessThanOrEqual": "1.0.248", "status": "affected", "version": "n/a", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Rafie Muhammad (Patchstack)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.\u003cp\u003eThis issue affects Colibri Page Builder: from n/a through 1.0.248.\u003c/p\u003e" } ], "value": "Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.This issue affects Colibri Page Builder: from n/a through 1.0.248.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-28T05:51:25.338Z", "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack" }, "references": [ { "tags": [ "vdb-entry" ], "url": "https://patchstack.com/database/vulnerability/colibri-page-builder/wordpress-colibri-page-builder-plugin-1-0-248-broken-access-control-vulnerability?_s_id=cve" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update to 1.0.249 or a higher version." } ], "value": "Update to 1.0.249 or a higher version." } ], "source": { "discovery": "EXTERNAL" }, "title": "WordPress Colibri Page Builder plugin \u003c= 1.0.248 - Broken Access Control vulnerability", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "assignerShortName": "Patchstack", "cveId": "CVE-2024-28004", "datePublished": "2024-03-28T05:51:25.338Z", "dateReserved": "2024-02-29T06:17:46.688Z", "dateUpdated": "2024-08-11T14:01:46.964Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1361
Vulnerability from cvelistv5
Published
2024-02-23 11:03
Modified
2024-08-01 18:33
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the apiCall() function. This makes it possible for unauthenticated attackers to call a limited set of functions that can be used to import images, delete posts, or save theme data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.253 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1361", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-23T16:57:53.359194Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T18:00:32.897Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:33:25.582Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/233a29f5-12bf-4849-9b28-4458a0b0c940?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3039597/colibri-page-builder/trunk/extend-builder/api/api.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.253", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Lucio S\u00e1" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the apiCall() function. This makes it possible for unauthenticated attackers to call a limited set of functions that can be used to import images, delete posts, or save theme data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-23T11:03:45.823Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/233a29f5-12bf-4849-9b28-4458a0b0c940?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3039597/colibri-page-builder/trunk/extend-builder/api/api.php" } ], "timeline": [ { "lang": "en", "time": "2024-02-22T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1361", "datePublished": "2024-02-23T11:03:45.823Z", "dateReserved": "2024-02-08T18:44:49.179Z", "dateUpdated": "2024-08-01T18:33:25.582Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3340
Vulnerability from cvelistv5
Published
2024-05-02 16:52
Modified
2024-08-01 20:05
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri-gallery-slideshow' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.272 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-3340", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-02T19:21:46.708424Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:32:57.909Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:05:08.413Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f5ba832e-98bc-421d-9b60-e6260c408815?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3074785/colibri-page-builder/trunk/extend-builder/shortcodes/index.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.272", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Ng\u00f4 Thi\u00ean An" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027colibri-gallery-slideshow\u0027 shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-02T16:52:52.335Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f5ba832e-98bc-421d-9b60-e6260c408815?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3074785/colibri-page-builder/trunk/extend-builder/shortcodes/index.php" } ], "timeline": [ { "lang": "en", "time": "2024-04-22T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-3340", "datePublished": "2024-05-02T16:52:52.335Z", "dateReserved": "2024-04-04T19:33:38.309Z", "dateUpdated": "2024-08-01T20:05:08.413Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-5038
Vulnerability from cvelistv5
Published
2024-06-06 11:03
Modified
2024-08-01 21:03
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.276 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-5038", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-06T13:22:26.333962Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-06T13:22:32.888Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:03:10.411Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/08159865-1411-4a07-b5db-f4ba5bf2d633?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/extend-builder/shortcodes/blog/post-item.php#L132" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3097694/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.276", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Ng\u00f4 Thi\u00ean An" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s shortcode(s) in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-06T11:03:02.821Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/08159865-1411-4a07-b5db-f4ba5bf2d633?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/extend-builder/shortcodes/blog/post-item.php#L132" }, { "url": "https://plugins.trac.wordpress.org/changeset/3097694/" } ], "timeline": [ { "lang": "en", "time": "2024-06-05T00:00:00.000+00:00", "value": "Disclosed" } ], "title": "Colibri Page Builder \u003c= 1.0.276 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-5038", "datePublished": "2024-06-06T11:03:02.821Z", "dateReserved": "2024-05-16T22:05:58.396Z", "dateUpdated": "2024-08-01T21:03:10.411Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3338
Vulnerability from cvelistv5
Published
2024-05-02 16:51
Modified
2024-08-01 20:05
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt data parameter in all versions up to, and including, 1.0.262 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.262 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-3338", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-06T19:17:08.934024Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:31:24.444Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:05:08.410Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a066eae-4040-4d76-b730-47d98dc37662?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3074785/colibri-page-builder/trunk/extend-builder/extend-builder.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.262", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Matthew Rollings" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt data parameter in all versions up to, and including, 1.0.262 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-02T16:51:59.650Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3a066eae-4040-4d76-b730-47d98dc37662?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3074785/colibri-page-builder/trunk/extend-builder/extend-builder.php" } ], "timeline": [ { "lang": "en", "time": "2024-04-22T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-3338", "datePublished": "2024-05-02T16:51:59.650Z", "dateReserved": "2024-04-04T19:26:27.387Z", "dateUpdated": "2024-08-01T20:05:08.410Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1362
Vulnerability from cvelistv5
Published
2024-02-23 11:03
Modified
2024-08-01 18:33
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the cp_shortcode_refresh() function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.253 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1362", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-23T14:34:26.733884Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:21:58.174Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:33:25.568Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5e7a994-c489-4aea-a9bb-898bc92cae4e?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3039597/colibri-page-builder/trunk/src/PageBuilder.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.253", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Lucio S\u00e1" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the cp_shortcode_refresh() function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-23T11:03:46.451Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a5e7a994-c489-4aea-a9bb-898bc92cae4e?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3039597/colibri-page-builder/trunk/src/PageBuilder.php" } ], "timeline": [ { "lang": "en", "time": "2024-02-22T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1362", "datePublished": "2024-02-23T11:03:46.451Z", "dateReserved": "2024-02-08T18:47:18.368Z", "dateUpdated": "2024-08-01T18:33:25.568Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1870
Vulnerability from cvelistv5
Published
2024-03-09 09:37
Modified
2024-08-01 18:56
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callActivateLicenseEndpoint function in all versions up to, and including, 1.0.260. This makes it possible for authenticated attackers, with subscriber access or higher, to update the license key.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.260 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1870", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-11T15:04:52.588092Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:59:41.084Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:56:22.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/130637ce-d70a-4831-8b88-a2a6e8a95c42?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/src/License/ActivationForm.php#L356" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3045582/colibri-page-builder/trunk/src/License/ActivationForm.php?contextall=1\u0026old=2888093\u0026old_path=%2Fcolibri-page-builder%2Ftrunk%2Fsrc%2FLicense%2FActivationForm.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.260", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Stacy Purcell" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callActivateLicenseEndpoint function in all versions up to, and including, 1.0.260. This makes it possible for authenticated attackers, with subscriber access or higher, to update the license key." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-862 Missing Authorization", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-03-09T09:37:46.628Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/130637ce-d70a-4831-8b88-a2a6e8a95c42?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/src/License/ActivationForm.php#L356" }, { "url": "https://plugins.trac.wordpress.org/changeset/3045582/colibri-page-builder/trunk/src/License/ActivationForm.php?contextall=1\u0026old=2888093\u0026old_path=%2Fcolibri-page-builder%2Ftrunk%2Fsrc%2FLicense%2FActivationForm.php" } ], "timeline": [ { "lang": "en", "time": "2024-03-08T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-1870", "datePublished": "2024-03-09T09:37:46.628Z", "dateReserved": "2024-02-23T21:59:45.320Z", "dateUpdated": "2024-08-01T18:56:22.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-5020
Vulnerability from cvelistv5
Published
2024-12-04 08:22
Modified
2024-12-04 14:09
Severity ?
EPSS score ?
Summary
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-5020", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-04T14:02:27.273797Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-04T14:09:09.188Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.286", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Gallery Plugin for WordPress \u2013 Envira Photo Gallery", "vendor": "smub", "versions": [ { "lessThanOrEqual": "1.8.15", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Accordion Slider", "vendor": "bqworks", "versions": [ { "lessThanOrEqual": "1.9.12", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Form Maker by 10Web \u2013 Mobile-Friendly Drag \u0026 Drop Contact Form Builder", "vendor": "10web", "versions": [ { "lessThanOrEqual": "1.15.27", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Getwid \u2013 Gutenberg Blocks", "vendor": "jetmonsters", "versions": [ { "lessThanOrEqual": "2.0.11", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Firelight Lightbox", "vendor": "firelightwp", "versions": [ { "lessThanOrEqual": "2.3.3", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Responsive Lightbox \u0026 Gallery", "vendor": "dfactory", "versions": [ { "lessThanOrEqual": "2.4.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Carousel, Slider, Gallery by WP Carousel \u2013 Image Carousel with Lightbox \u0026 Photo Gallery, Video Slider, Post Carousel \u0026 Post Grid, Product Carousel \u0026 Product Grid", "vendor": "shapedplugin", "versions": [ { "lessThanOrEqual": "2.6.8", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "FancyBox for WordPress", "vendor": "colorlibplugins", "versions": [ { "lessThanOrEqual": "3.3.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Visual Portfolio, Photo Gallery \u0026 Post Grid", "vendor": "nko", "versions": [ { "lessThanOrEqual": "3.3.9", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Photo Gallery, Sliders, Proofing and Themes \u2013 NextGEN Gallery", "vendor": "smub", "versions": [ { "lessThanOrEqual": "3.59.4", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "WPC Smart Quick View for WooCommerce", "vendor": "wpclever", "versions": [ { "lessThanOrEqual": "4.1.1", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "Easy Social Feed Premium", "vendor": "Easy Social Feed", "versions": [ { "lessThanOrEqual": "6.6.2", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "FV Flowplayer Video Player", "vendor": "foliovision", "versions": [ { "lessThanOrEqual": "7.5.47.7212", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Craig Smith" } ], "descriptions": [ { "lang": "en", "value": "Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin\u0027s bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-04T08:22:46.855Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d99d4b9a-aa09-434d-91a8-7afaa0e8b5db?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3150376/woo-smart-quick-view" }, { "url": "https://plugins.trac.wordpress.org/changeset/3153081/colibri-page-builder" }, { "url": "https://plugins.trac.wordpress.org/changeset/3157076/nextgen-gallery" }, { "url": "https://plugins.trac.wordpress.org/changeset/3158415/envira-gallery-lite" }, { "url": "https://plugins.trac.wordpress.org/changeset/3156791/form-maker" }, { "url": "https://plugins.trac.wordpress.org/changeset/3160432/visual-portfolio" }, { "url": "https://plugins.trac.wordpress.org/changeset/3161422/fv-wordpress-flowplayer" }, { "url": "https://plugins.trac.wordpress.org/changeset/3160232/easy-fancybox" }, { "url": "https://plugins.trac.wordpress.org/changeset/3161892/wp-carousel-free" }, { "url": "https://plugins.trac.wordpress.org/changeset/3173097/responsive-lightbox" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3175577%40getwid%2Ftrunk\u0026old=3119180%40getwid%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3186301%40fancybox-for-wordpress%2Ftrunk\u0026old=3058912%40fancybox-for-wordpress%2Ftrunk\u0026sfp_email=\u0026sfph_mail=" }, { "url": "https://plugins.trac.wordpress.org/changeset/3169926/accordion-slider" } ], "timeline": [ { "lang": "en", "time": "2024-12-03T00:00:00.000+00:00", "value": "Disclosed" } ], "title": "Multiple Plugins \u003c= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-5020", "datePublished": "2024-12-04T08:22:46.855Z", "dateReserved": "2024-05-16T16:50:11.363Z", "dateUpdated": "2024-12-04T14:09:09.188Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-2839
Vulnerability from cvelistv5
Published
2024-04-02 06:47
Modified
2024-08-01 19:25
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri_post_title' shortcode in all versions up to, and including, 1.0.263 due to insufficient input sanitization and output escaping on user supplied attributes such as 'heading_type'. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.263 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-2839", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-02T15:34:36.950216Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:30:53.818Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:25:42.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9466e5f-d8eb-4de4-a1d2-e5ef15bf1e4e?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3061940/colibri-page-builder/trunk/extend-builder/shortcodes/blog/post-item.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.263", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Ng\u00f4 Thi\u00ean An" }, { "lang": "en", "type": "finder", "value": "Dau Hoang Tai" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027colibri_post_title\u0027 shortcode in all versions up to, and including, 1.0.263 due to insufficient input sanitization and output escaping on user supplied attributes such as \u0027heading_type\u0027. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-02T06:47:43.668Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9466e5f-d8eb-4de4-a1d2-e5ef15bf1e4e?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3061940/colibri-page-builder/trunk/extend-builder/shortcodes/blog/post-item.php" } ], "timeline": [ { "lang": "en", "time": "2024-04-01T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-2839", "datePublished": "2024-04-02T06:47:43.668Z", "dateReserved": "2024-03-22T19:16:46.881Z", "dateUpdated": "2024-08-01T19:25:42.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-4451
Vulnerability from cvelistv5
Published
2024-06-07 06:52
Modified
2024-08-01 20:40
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's colibri_video_player shortcode in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.276 |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:extendthemes:colibri_page_builder:*:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "colibri_page_builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.276", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-4451", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-07T15:42:38.573719Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-07T15:48:16.311Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:40:47.151Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0afd981e-3ae8-4450-9750-23ff6fe612dc?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3097694/colibri-page-builder/trunk/extend-builder/shortcodes/video.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.276", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Ng\u00f4 Thi\u00ean An" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s colibri_video_player shortcode in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-07T06:52:21.626Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0afd981e-3ae8-4450-9750-23ff6fe612dc?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3097694/colibri-page-builder/trunk/extend-builder/shortcodes/video.php" } ], "timeline": [ { "lang": "en", "time": "2024-05-06T00:00:00.000+00:00", "value": "Vendor Notified" }, { "lang": "en", "time": "2024-06-06T00:00:00.000+00:00", "value": "Disclosed" } ], "title": "Colibri Page Builder \u003c= 1.0.276 - Authenticated (Contributor+) Stored Cross-Site Scripting via colibri_video_player Shortcode" } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-4451", "datePublished": "2024-06-07T06:52:21.626Z", "dateReserved": "2024-05-02T22:04:24.505Z", "dateUpdated": "2024-08-01T20:40:47.151Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3337
Vulnerability from cvelistv5
Published
2024-05-02 16:52
Modified
2024-08-01 20:05
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibri_breadcrumb_element' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.272 |
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-3337", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-09T19:15:10.177001Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:32:58.733Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:05:08.405Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ae4226-0089-47fb-87b9-94e9faf764e4?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/3074785/colibri-page-builder/trunk/extend-builder/shortcodes/breadcrumb.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.272", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Matthew Rollings" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027colibri_breadcrumb_element\u0027 shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-02T16:52:32.076Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ae4226-0089-47fb-87b9-94e9faf764e4?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset/3074785/colibri-page-builder/trunk/extend-builder/shortcodes/breadcrumb.php" } ], "timeline": [ { "lang": "en", "time": "2024-04-22T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2024-3337", "datePublished": "2024-05-02T16:52:32.076Z", "dateReserved": "2024-04-04T19:21:13.997Z", "dateUpdated": "2024-08-01T20:05:08.405Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-2188
Vulnerability from cvelistv5
Published
2023-08-31 05:33
Modified
2024-10-01 18:00
Severity ?
EPSS score ?
Summary
The Colibri Page Builder for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 1.0.227 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.227 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:12:20.621Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c73d4b78-72aa-409a-a787-898179773b82?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/extend-builder/utils.php#L556" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset/2922722/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-2188", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-01T18:00:07.912406Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-01T18:00:19.192Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.227", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Marco Wotschka" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder for WordPress is vulnerable to SQL Injection via the \u2018post_id\u2019 parameter in versions up to, and including, 1.0.227 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-31T05:33:13.128Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c73d4b78-72aa-409a-a787-898179773b82?source=cve" }, { "url": "https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/extend-builder/utils.php#L556" }, { "url": "https://plugins.trac.wordpress.org/changeset/2922722/" } ], "timeline": [ { "lang": "en", "time": "2023-04-19T00:00:00.000+00:00", "value": "Discovered" }, { "lang": "en", "time": "2023-06-22T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2023-2188", "datePublished": "2023-08-31T05:33:13.128Z", "dateReserved": "2023-04-19T19:13:02.944Z", "dateUpdated": "2024-10-01T18:00:19.192Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-50833
Vulnerability from cvelistv5
Published
2023-12-21 17:53
Modified
2024-08-02 22:23
Severity ?
EPSS score ?
Summary
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through 1.0.239.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | ExtendThemes | Colibri Page Builder |
Version: n/a < |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T22:23:44.005Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://patchstack.com/database/vulnerability/colibri-page-builder/wordpress-colibri-page-builder-plugin-1-0-239-cross-site-scripting-xss-vulnerability?_s_id=cve" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "colibri-page-builder", "product": "Colibri Page Builder", "vendor": "ExtendThemes", "versions": [ { "lessThanOrEqual": "1.0.239", "status": "affected", "version": "n/a", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "LVT-tholv2k (Patchstack Alliance)" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.\u003cp\u003eThis issue affects Colibri Page Builder: from n/a through 1.0.239.\u003c/p\u003e" } ], "value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in ExtendThemes Colibri Page Builder allows Stored XSS.This issue affects Colibri Page Builder: from n/a through 1.0.239.\n\n" } ], "impacts": [ { "capecId": "CAPEC-592", "descriptions": [ { "lang": "en", "value": "CAPEC-592 Stored XSS" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-21T17:53:55.510Z", "orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack" }, "references": [ { "tags": [ "vdb-entry" ], "url": "https://patchstack.com/database/vulnerability/colibri-page-builder/wordpress-colibri-page-builder-plugin-1-0-239-cross-site-scripting-xss-vulnerability?_s_id=cve" } ], "source": { "discovery": "EXTERNAL" }, "title": "WordPress Colibri Page Builder Plugin \u003c= 1.0.239 is vulnerable to Cross Site Scripting (XSS)", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "assignerShortName": "Patchstack", "cveId": "CVE-2023-50833", "datePublished": "2023-12-21T17:53:55.510Z", "dateReserved": "2023-12-14T17:18:45.974Z", "dateUpdated": "2024-08-02T22:23:44.005Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6988
Vulnerability from cvelistv5
Published
2024-01-11 08:32
Modified
2024-08-02 08:50
Severity ?
EPSS score ?
Summary
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's extend_builder_render_js shortcode in all versions up to, and including, 1.0.239 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
▼ | URL | Tags |
---|---|---|
https://www.wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b?source=cve | ||
https://plugins.svn.wordpress.org/colibri-page-builder/trunk/extend-builder/shortcodes/render-js.php | ||
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3013337%40colibri-page-builder&new=3013337%40colibri-page-builder&sfp_email=&sfph_mail= |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | extendthemes | Colibri Page Builder |
Version: * ≤ 1.0.239 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:50:08.246Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b?source=cve" }, { "tags": [ "x_transferred" ], "url": "https://plugins.svn.wordpress.org/colibri-page-builder/trunk/extend-builder/shortcodes/render-js.php" }, { "tags": [ "x_transferred" ], "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3013337%40colibri-page-builder\u0026new=3013337%40colibri-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Colibri Page Builder", "vendor": "extendthemes", "versions": [ { "lessThanOrEqual": "1.0.239", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Hung -mov Nguyen" } ], "descriptions": [ { "lang": "en", "value": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s extend_builder_render_js shortcode in all versions up to, and including, 1.0.239 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-11T08:32:30.935Z", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence" }, "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b?source=cve" }, { "url": "https://plugins.svn.wordpress.org/colibri-page-builder/trunk/extend-builder/shortcodes/render-js.php" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3013337%40colibri-page-builder\u0026new=3013337%40colibri-page-builder\u0026sfp_email=\u0026sfph_mail=" } ], "timeline": [ { "lang": "en", "time": "2023-12-23T00:00:00.000+00:00", "value": "Disclosed" } ] } }, "cveMetadata": { "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2023-6988", "datePublished": "2024-01-11T08:32:30.935Z", "dateReserved": "2023-12-20T09:38:11.029Z", "dateUpdated": "2024-08-02T08:50:08.246Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }