Happyfuntime

**Name of the Vulnerable Software and Affected Versions** Colibri Page Builder plugin for WordPress versions up to, and including, 1.0.260 **Description** The issue is related to unauthorized modification of data due to a missing capability check on the `callActivateLicenseEndpoint` function. This allows authenticated attackers with subscriber access or higher to update the license key. **Recommendations** For versions up to, and including, 1.0.260, update to a version higher than 1.0.260 to resolve the issue. As a temporary workaround, consider restricting access to the `callActivateLicenseEndpoint` function until a patch is available.