← Back

Astra

astra

Vendor: Brainstormforce • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-44148
1Brainstormforce
1Astra
Jun 17, 2026
Jun 19, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.
CVE-2023-49830
1Brainstormforce
1Astra
Jun 17, 2026
Dec 29, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Improper Control of Generation of Code ('Code Injection') vulnerability in Brainstorm Force Astra Pro.This issue affects Astra Pro: from n/a through 4.3.1.
CVE-2021-24507
1Brainstormforce
1Astra
Jun 17, 2026
Aug 9, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unaut...Show more
The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading to an SQL Injection issuesShow less