Test ID:	1.3.6.1.4.1.25623.1.0.127562
Category:	Web application abuses
Title:	WordPress Colibri Page Builder Plugin < 1.0.229 SQLi Vulnerability
Summary:	The WordPress plugin 'Colibri Page Builder' is prone to an; SQL injection (SQLi) vulnerability.
Description:	Summary: The WordPress plugin 'Colibri Page Builder' is prone to an SQL injection (SQLi) vulnerability. Vulnerability Impact: Authenticated attackers with administrator-level privileges are able to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Affected Software/OS: WordPress Colibri Page Builder prior to version 1.0.229. Solution: Update to version 1.0.229 or later. CVSS Score: 6.1 CVSS Vector: AV:N/AC:L/Au:M/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-2188 https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/extend-builder/utils.php#L556 https://plugins.trac.wordpress.org/changeset/2922722/ https://www.wordfence.com/threat-intel/vulnerabilities/id/c73d4b78-72aa-409a-a787-898179773b82?source=cve
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.