This page lists publicly disclosed CVE vulnerabilities affecting brainstormforce schema (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-1564 | The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode | [email protected] | 4.3 | 0.45% | 2024-03-25 | 2025-06-27 |
| CVE-2023-36682 | Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7. | [email protected] | 7.1 | 0.17% | 2023-11-30 | 2026-04-28 |
| CVE-2023-25058 | Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Schema – All In One Schema Rich Snippets plugin <= 1.6.5 versions. | [email protected] | 4.3 | 0.26% | 2023-05-26 | 2025-06-27 |
| CVE-2018-20977 | The all-in-one-schemaorg-rich-snippets plugin before 1.5.0 for WordPress has XSS on the settings page. | [email protected] | 6.1 | 0.90% | 2019-08-21 | 2025-06-27 |