2 matches found
CVE-2025-68497
The CVE-2025-68497 entry covers a Stored XSS vulnerability in Brainstorm Force Astra Widgets (astra-widgets) affecting versions up to 1.2.16. The root cause is improper neutralization/escaping of user-supplied input during web page generation, enabling arbitrary scripts to be injected into pages ...
CVE-2024-50439 WordPress Astra Widgets plugin <= 1.2.14 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through = 1.2.14...