Vulnerabilities > Brainstormforce > Astra

DATE CVE VULNERABILITY TITLE RISK
2024-06-19 CVE-2023-44148 Missing Authorization vulnerability in Brainstormforce Astra
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.
network
low complexity
brainstormforce CWE-862
8.8
2023-12-29 CVE-2023-49830 Code Injection vulnerability in Brainstormforce Astra
Improper Control of Generation of Code ('Code Injection') vulnerability in Brainstorm Force Astra Pro.This issue affects Astra Pro: from n/a through 4.3.1.
network
low complexity
brainstormforce CWE-94
8.8
2021-08-09 CVE-2021-24507 SQL Injection vulnerability in Brainstormforce Astra
The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading to an SQL Injection issues
network
low complexity
brainstormforce CWE-89
7.5