Astra Security Vulnerabilities and Issues — Astra CVE List

Lucene search

BrainstormforceAstra

4 matches found

CVE•added 2024/04/09 7:15 p.m.•111 views

CVE-2024-2347

The Astra theme for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name in all versions up to, and including, 4.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, t...

6.4CVSS7.6AI score0.00121EPSS

CVE•added 2023/12/29 10:15 a.m.•86 views

CVE-2023-49830

Improper Control of Generation of Code ('Code Injection') vulnerability in Brainstorm Force Astra Pro.This issue affects Astra Pro: from n/a through 4.3.1.

9.9CVSS9.2AI score0.00692EPSS

CVE•added 2024/06/19 12:15 p.m.•81 views

CVE-2023-44148

Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.

8.8CVSS6.3AI score0.00163EPSS

CVE•added 2021/08/09 10:15 a.m.•49 views

CVE-2021-24507

The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading ...

9.8CVSS9.8AI score0.44195EPSS