This page lists publicly disclosed CVE vulnerabilities affecting brainstormforce starter_templates (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-41805 | Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through 3.2.5. | [email protected] | 6.5 | 0.33% | 2024-06-19 | 2024-11-21 |
| CVE-2023-41804 | Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4. | [email protected] | 7.1 | 0.34% | 2023-12-07 | 2026-04-28 |
| CVE-2022-46851 | Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates plugin <= 3.1.20 versions. | [email protected] | 4.3 | 0.26% | 2023-05-23 | 2024-11-21 |
| CVE-2021-42360 | On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page using the astra-page-elementor-batch-process AJAX action. An attacker could craft and host a block containing malicious JavaScript on a server they controlled, and then use it to overwrite any post or page by sending an AJAX request with the action set to astra-page-elementor-batch-process and the url | [email protected] | 7.6 | 0.58% | 2021-11-17 | 2024-11-21 |