Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates plugin <= 3.1.20 versions.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NBrainstormforce Starter Templates
APPBrainstormforce< 3.1.21
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2023-41804HIGH7.1ten sam produkt
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress ...
CVE-2021-42360HIGH7.6ten sam produkt
On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_p...
CVE-2023-41805MEDIUM6.5ten sam produkt
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Te...
CVE-2023-49830CRITICAL9.9PL ✓ten sam vendor
RCE w Astra Pro – code injection dostępny dla zalogowanych użytkowników
CVE-2021-24507CRITICAL9.8ten sam vendor
The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST paramet...