Colabrio Norebro Extra Code Injection Vulnerability
Vulnerability
A cross-site scripting (XSS) vulnerability allowing code injection has been identified in the Colabrio Norebro Extra WordPress plugin, affecting versions through 1.6.8. This vulnerability arises from improper neutralization of script-related HTML tags, which can be exploited to inject malicious code into web pages.
Impact
Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.
Added: Dec 16, 2025, 9:45 AM
Updated: Dec 16, 2025, 5:39 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
1.7exploitability
6.4remediation
0.0relevance
1.6threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.