Vulnerabilities > Brainstormforce

DATE CVE VULNERABILITY TITLE RISK
2024-11-08 CVE-2024-10325 Cross-site Scripting vulnerability in Brainstormforce Elementor Header & Footer Builder
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient input sanitization and output escaping.
network
low complexity
brainstormforce CWE-79
5.4
2024-10-28 CVE-2024-50439 Cross-site Scripting vulnerability in Brainstormforce Astra Widgets
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through 1.2.14.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-22 CVE-2024-33933 Unspecified vulnerability in Brainstormforce Elementor - Header, Footer & Blocks Template
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force, Nikhil Chavan Elementor – Header, Footer & Blocks Template allows DOM-Based XSS.This issue affects Elementor – Header, Footer & Blocks Template: from n/a through 1.6.35.
network
low complexity
brainstormforce
5.4
2024-07-22 CVE-2024-37278 Unspecified vulnerability in Brainstormforce Cards for Beaver Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pratik Chaskar Cards for Beaver Builder.This issue affects Cards for Beaver Builder: from n/a through 1.1.4.
network
low complexity
brainstormforce
5.4
2024-07-17 CVE-2024-5251 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_pricing shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5252 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_info_table shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5253 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ult_team shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5254 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_info_banner shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5255 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_dual_color shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-09 CVE-2024-37455 Unspecified vulnerability in Brainstormforce Ultimate Addons for Elementor
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.31.
network
low complexity
brainstormforce
8.8