CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Brainstormforce Subscriptions

Total 105 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-42648	2 Brainstormforce, Wordpress	2 Spectra, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.22.
CVE-2026-42377	2 Brainstormforce, Wordpress	2 Sureforms, Wordpress	2026-04-29	7.3 High
Missing Authorization vulnerability in Brainstorm Force SureForms Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SureForms Pro: from n/a through 2.8.0.
CVE-2026-39477	2 Brainstormforce, Wordpress	2 Cartflows, Wordpress	2026-04-29	4.3 Medium
Missing Authorization vulnerability in Brainstorm Force CartFlows cartflows allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CartFlows: from n/a through <= 2.2.3.
CVE-2023-23834	1 Brainstormforce	1 Spectra	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.
CVE-2023-23825	1 Brainstormforce	1 Spectra	2026-04-28	3.1 Low
Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.
CVE-2023-23729	2 Brainstormforce, Wordpress	2 Spectra, Wordpress	2026-04-28	5.4 Medium
Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0.
CVE-2023-51402	1 Brainstormforce	1 Ultimate Addons For Wpbakery Page Builder	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Brain Storm Force Ultimate Addons for WPBakery Page Builder.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through 3.19.17.
CVE-2023-51397	1 Brainstormforce	1 Wp Remote Site Search	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force WP Remote Site Search allows Stored XSS.This issue affects WP Remote Site Search: from n/a through 1.0.4.
CVE-2023-49830	1 Brainstormforce	1 Astra	2026-04-28	9.9 Critical
Improper Control of Generation of Code ('Code Injection') vulnerability in Brainstorm Force Astra Pro.This issue affects Astra Pro: from n/a through 4.3.1.
CVE-2023-49833	1 Brainstormforce	1 Spectra	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Spectra – WordPress Gutenberg Blocks allows Stored XSS.This issue affects Spectra – WordPress Gutenberg Blocks: from n/a through 2.7.9.
CVE-2023-46211	1 Brainstormforce	1 Ultimate Addons For Wpbakery Page Builder	2026-04-28	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder plugin <= 3.19.14 versions.
CVE-2023-41804	1 Brainstormforce	1 Starter Templates	2026-04-28	7.1 High
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4.
CVE-2023-36684	1 Brainstormforce	1 Convert Pro	2026-04-28	7.1 High
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through 1.7.5.
CVE-2023-36682	1 Brainstormforce	1 Schema	2026-04-28	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7.
CVE-2023-36685	1 Brainstormforce	1 Cartflows	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC CartFlows Pro allows Cross Site Request Forgery.This issue affects CartFlows Pro: from n/a through 1.11.12.
CVE-2023-36679	1 Brainstormforce	1 Spectra	2026-04-28	7.1 High
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
CVE-2023-23882	1 Brainstormforce	1 Ultimate Addons For Beaver Builder	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder – Lite.This issue affects Ultimate Addons for Beaver Builder – Lite: from n/a through 1.5.5.
CVE-2023-23738	1 Brainstormforce	1 Spectra	2026-04-28	5.3 Medium
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Brainstorm Force Spectra allows Content Spoofing, Phishing.This issue affects Spectra: from n/a through 2.3.0.
CVE-2025-68497	2 Brainstormforce, Wordpress	2 Astra Widgets, Wordpress	2026-04-24	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through <= 1.2.16.
CVE-2026-34889	2 Brainstormforce, Wordpress	2 Ultimate Addons For Wpbakery Page Builder, Wordpress	2026-04-24	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Ultimate Addons for WPBakery Page Builder allows DOM-Based XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a before 3.21.4.

Page 1 of 6. next last »