Brainstormforce: >> Astra Security Vulnerabilities
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-06-19
Improper Control of Generation of Code ('Code Injection') vulnerability in Brainstorm Force Astra Pro.This issue affects Astra Pro: from n/a through 4.3.1.
CVSS Score
9.9
EPSS Score
0.007
Published
2023-12-29
The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading to an SQL Injection issues
CVSS Score
9.8
EPSS Score
0.442
Published
2021-08-09