VYPR

Colibri WP

by WordPress

CVEs (2)

  • CVE-2024-33686MedApr 29, 2024
    risk 0.28cvss 4.3epss 0.01

    Missing Authorization vulnerability in Extend Themes Pathway, Extend Themes Hugo WP, Extend Themes Althea WP, Extend Themes Elevate WP, Extend Themes Brite, Extend Themes Colibri WP, Extend Themes Vertice.This issue affects Pathway: from n/a through 1.0.15; Hugo WP: from n/a…

  • CVE-2024-1360MedFeb 23, 2024
    risk 0.28cvss 4.3epss 0.00

    The Colibri WP theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.94. This is due to missing or incorrect nonce validation on the colibriwp_install_plugin() function. This makes it possible for unauthenticated attackers to…