Vulnerabilities > Brainstormforce > Astra > 1.4.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-29 | CVE-2023-49830 | Code Injection vulnerability in Brainstormforce Astra Improper Control of Generation of Code ('Code Injection') vulnerability in Brainstorm Force Astra Pro.This issue affects Astra Pro: from n/a through 4.3.1. | 8.8 |
| 2021-08-09 | CVE-2021-24507 | SQL Injection vulnerability in Brainstormforce Astra The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading to an SQL Injection issues | 7.5 |