XSS flaws – Vulnerabilities: Colibri Page Builder v1.0.24

Hi?@polofilm,

We are currently conducting a thorough investigation into the issue.

Cross-site scripting is usually performed on websites where users are registered and have some sort of basic access or privileges, such as Contributors. You can try disabling user registration on your websites if it’s not something that you need. This can be done from your WP Admin Panel > Settings > General page, by unchecking the Membership option (Anyone can register).

Once we have more information, we’ll patch the issue and release an update.

Thank you, and we apologize for any inconvenience!

Hello,

We have release and update in which the issue was fixed.

To check for the latest updates please access WP-Admin -> Updates -> Dashboard -> Check Again and see if you have the latest versions installed.

Hello,

If you update to the latest version the problem should be fixed.

The patchstack report also got updated mentioning that the issue was solved.

https://patchstack.com/database/vulnerability/colibri-page-builder/wordpress-colibri-page-builder-plugin-1-0-239-cross-site-scripting-xss-vulnerability