目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

brainstormforce 厂商漏洞列表 / CVE 中文分析 49

brainstormforce 厂商相关 49 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

BrainStormForce 主要提供网络安全解决方案,其相关组件或项目已关联 49 条 CVE。历史漏洞多集中于远程代码执行、跨站脚本及身份验证绕过等高危类型,反映出输入验证与访问控制机制的潜在缺陷。部分重大事件涉及关键接口未授权访问,导致敏感数据泄露风险。建议用户及时更新补丁,强化配置审计,以缓解已知安全隐患,确保系统稳定性与数据完整性。

上位製品 brainstormforce: Spectra Gutenberg Blocks – Website Builder for the Block Editor Ultimate Addons for Elementor SureForms – Contact Form, Payment Form & Other Custom Form Builder Ultimate Addons for Beaver Builder – Lite CartFlows – Funnel Builder & Checkout Plugin for WooCommerce Starter Templates – AI-Powered Templates for Elementor & Gutenberg Astra Custom Fonts – Host Your Fonts Locally OttoKit: All-in-One Automation Platform SureForms – Drag and Drop Form Builder for WordPress Starter Templates — Elementor, Gutenberg & Beaver Builder Templates Import / Export Customizer Settings Lightweight Sidebar Manager SureMail – SMTP and Email Logs Plugin with Amazon SES, Postmark, and Other Providers
CVE IDタイトルCVSS深刻度公開日
CVE-2024-2619 Elementor Header & Footer Builder <= 1.6.26 - Authenticated (Author+) HTML Injection — Ultimate Addons for ElementorCWE-862 5.0 Medium2024-05-16
CVE-2024-4634 Elementor Header & Footer Builder <= 1.6.28 - Authenticated (Contributor+) Stored Cross-Site Scripting — Ultimate Addons for ElementorCWE-79 6.4 Medium2024-05-16
CVE-2024-4630 Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Starter Templates – AI-Powered Templates for Elementor & GutenbergCWE-79 6.4 Medium2024-05-11
CVE-2024-1467 Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.1.6 - Authenticated (Contributor+) Server-Side Request Forgery — Starter Templates – AI-Powered Templates for Elementor & GutenbergCWE-918 4.3 Medium2024-05-09
CVE-2024-3107 Spectra – WordPress Gutenberg Blocks <= 2.12.6 - Authenticated (Contributor+) Path Traversal — Spectra Gutenberg Blocks – Website Builder for the Block EditorCWE-22 4.3 Medium2024-05-02
CVE-2024-2347 Astra <= 4.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Display Name — AstraCWE-79 6.4 Medium2024-04-09
CVE-2023-6486 Spectra – WordPress Gutenberg Blocks <= 2.10.3 - Authenticated(Contributor+) Cross-Site Scripting via Custom CSS — Spectra Gutenberg Blocks – Website Builder for the Block EditorCWE-79 6.4 Medium2024-04-09
CVE-2024-2142 Ultimate Addons for Beaver Builder – Lite <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Info Table Widget — Ultimate Addons for Beaver Builder – LiteCWE-79 6.4 Medium2024-03-30
CVE-2024-2140 Ultimate Addons for Beaver Builder – Lite <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Icons Widget — Ultimate Addons for Beaver Builder – LiteCWE-79 6.4 Medium2024-03-30
CVE-2024-2144 Ultimate Addons for Beaver Builder – Lite <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget — Ultimate Addons for Beaver Builder – LiteCWE-79 6.4 Medium2024-03-30
CVE-2024-2141 Ultimate Addons for Beaver Builder – Lite <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget — Ultimate Addons for Beaver Builder – LiteCWE-79 6.4 Medium2024-03-30
CVE-2024-2143 Ultimate Addons for Beaver Builder – Lite <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading Widget — Ultimate Addons for Beaver Builder – LiteCWE-79 6.4 Medium2024-03-30
CVE-2024-1237 Elementor Header & Footer Builder <= 1.6.24 - Authenticated (Contributor+) Stored Cross-Site Scripting — Ultimate Addons for ElementorCWE-79 6.4 Medium2024-03-13
CVE-2020-36747 Lightweight Sidebar Manager <= 1.1.4 - Cross-Site Request Forgery Bypass — Lightweight Sidebar ManagerCWE-352 4.3 Medium2023-07-01
CVE-2020-36736 WooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce <= 1.5.15 - Cross-Site Request Forgery Bypass — CartFlows – Funnel Builder & Checkout Plugin for WooCommerceCWE-352 4.3 Medium2023-07-01
CVE-2020-36737 Import / Export Customizer Settings <= 1.0.3 - Cross-Site Request Forgery Bypass — Import / Export Customizer SettingsCWE-352 4.3 Medium2023-07-01
CVE-2019-25151 Funnel Builder <= 1.3.0 - Arbitrary Plugin Activation — CartFlows – Funnel Builder & Checkout Plugin for WooCommerceCWE-269 5.4 Medium2023-06-07
CVE-2020-36702 Spectra – WordPress Gutenberg Blocks <= 1.14.7 - Missing Authorization — Spectra Gutenberg Blocks – Website Builder for the Block EditorCWE-862 5.5 Medium2023-06-07
CVE-2021-42360 Starter Templates — Elementor, Gutenberg & Beaver Builder Templates <= 2.7.0 Authenticated Block Import to Stored XSS — Starter Templates — Elementor, Gutenberg & Beaver Builder TemplatesCWE-284 7.6 High2021-11-17

本页汇总了 brainstormforce 厂商截至目前公开的全部 49 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。