HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-41804

CVSS 7.1v3.1pub. 2023-12-07upd. 2026-04-28

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
  • Brainstormforce Starter Templates

    APP
    Brainstormforce
    < 3.2.5
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
SSRF
CWE
References

Related vulnerabilities

CVE-2021-42360HIGH7.6ten sam produkt

On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_p...

CVE-2023-41805MEDIUM6.5ten sam produkt

Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Te...

CVE-2022-46851MEDIUM4.3ten sam produkt

Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates plugin <= 3.1.20 version...

CVE-2023-49830CRITICAL9.9PL ✓ten sam vendor

RCE w Astra Pro – code injection dostępny dla zalogowanych użytkowników

CVE-2021-24507CRITICAL9.8ten sam vendor

The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST paramet...