Vulnerabilities > Brainstormforce

DATE CVE VULNERABILITY TITLE RISK
2024-07-22 CVE-2024-33933 Unspecified vulnerability in Brainstormforce Elementor - Header, Footer & Blocks Template
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force, Nikhil Chavan Elementor – Header, Footer & Blocks Template allows DOM-Based XSS.This issue affects Elementor – Header, Footer & Blocks Template: from n/a through 1.6.35.
network
low complexity
brainstormforce
5.4
2024-07-22 CVE-2024-37278 Unspecified vulnerability in Brainstormforce Cards for Beaver Builder
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pratik Chaskar Cards for Beaver Builder.This issue affects Cards for Beaver Builder: from n/a through 1.1.4.
network
low complexity
brainstormforce
5.4
2024-07-17 CVE-2024-5251 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_pricing shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5252 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_info_table shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5253 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ult_team shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5254 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_info_banner shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-17 CVE-2024-5255 Cross-site Scripting vulnerability in Brainstormforce Ultimate Addons for Wpbakery Page Builder
The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_dual_color shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
brainstormforce CWE-79
5.4
2024-07-09 CVE-2024-37455 Unspecified vulnerability in Brainstormforce Ultimate Addons for Elementor
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.31.
network
low complexity
brainstormforce
8.8
2024-06-19 CVE-2023-36676 Unspecified vulnerability in Brainstormforce Spectra
Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
network
low complexity
brainstormforce
8.8
2024-06-19 CVE-2023-36684 Unspecified vulnerability in Brainstormforce Convert PRO
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through 1.7.5.
network
low complexity
brainstormforce
critical
9.8