Brainstormforce

Starter Templates

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-13065

  • EPSS 0.15%
  • Veröffentlicht 06.12.2025 09:25:58
  • Zuletzt bearbeitet 08.12.2025 18:26:49

The Starter Templates plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 4.4.41. This is due to insufficient file type validation detecting WXR files, allowing double extension files to bypass sanitizati...

4.3

CVE-2025-24568

  • EPSS 0.05%
  • Veröffentlicht 24.01.2025 18:15:33
  • Zuletzt bearbeitet 24.01.2025 18:15:33

Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates allows Cross Site Request Forgery. This issue affects Starter Templates: from n/a through 4.4.9.

5.9

CVE-2024-47345

  • EPSS 0.11%
  • Veröffentlicht 06.10.2024 11:15:13
  • Zuletzt bearbeitet 07.10.2024 17:47:48

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Starter Templates allows Stored XSS.This issue affects Starter Templates: from n/a through 4.4.0.

6.5

CVE-2023-41805

  • EPSS 0.15%
  • Veröffentlicht 19.06.2024 13:15:55
  • Zuletzt bearbeitet 21.11.2024 08:21:42

Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through 3.2.5.

6.4

CVE-2024-4630

  • EPSS 0.15%
  • Veröffentlicht 14.05.2024 15:44:13
  • Zuletzt bearbeitet 21.11.2024 09:43:15

The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘custom_upload_mimes’ function in versions up to, and including, 4.2.0 due to insufficient input sanitiz...

4.3

CVE-2024-1467

  • EPSS 0.13%
  • Veröffentlicht 14.05.2024 14:47:31
  • Zuletzt bearbeitet 21.11.2024 08:50:38

The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.6 via the ai_api_request(). This makes it possible for authenticated a...

7.1

CVE-2023-34370

  • EPSS 0.12%
  • Veröffentlicht 28.03.2024 06:15:07
  • Zuletzt bearbeitet 21.11.2024 08:07:06

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates, Brainstorm Force Premium Starter Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver ...

5.4

CVE-2023-41804

  • EPSS 0.36%
  • Veröffentlicht 07.12.2023 11:15:07
  • Zuletzt bearbeitet 21.11.2024 08:21:42

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4.

8.8

CVE-2022-46851

  • EPSS 0.09%
  • Veröffentlicht 23.05.2023 14:15:09
  • Zuletzt bearbeitet 21.11.2024 07:31:10

Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates plugin <= 3.1.20 versions.

5.4

CVE-2021-42360

Exploit
  • EPSS 0.17%
  • Veröffentlicht 17.11.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:27:39

On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page using the astra-page-elementor-batch-process AJAX ac...