{"id":2967,"date":"2024-02-22T22:45:42","date_gmt":"2024-02-22T22:45:42","guid":{"rendered":"http:\/\/127.0.0.1\/colibri-page-builder-1-0-253-cross-site-request-fogery-via-extend_builder\/"},"modified":"2024-02-22T22:45:42","modified_gmt":"2024-02-22T22:45:42","slug":"colibri-page-builder-1-0-253-cross-site-request-fogery-via-extend_builder","status":"publish","type":"post","link":"http:\/\/127.0.0.1\/colibri-page-builder-1-0-253-cross-site-request-fogery-via-extend_builder\/","title":{"rendered":"Colibri Page Builder <= 1.0.253 – Cross-Site Request Fogery v\u00eda extend_builder"},"content":{"rendered":"
<\/p>\n
La vulnerabilidad Cross-Site Request Forgery (CSRF) afecta al plugin Colibri Page Builder para WordPress en todas las versiones hasta, e incluyendo, la 1.0.253. Esto se debe a la validaci\u00f3n incorrecta o ausente de nonce en la funci\u00f3n apiCall(). Esto permite que atacantes no autenticados llamen a un conjunto limitado de funciones que pueden ser utilizadas […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[680],"class_list":["post-2967","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-cve-2024-1361"],"yoast_head":"\n