Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

brainstormforce — Vulnerabilities & Security Advisories 49

Browse all 49 CVE security advisories affecting brainstormforce. AI-powered Chinese analysis, POCs, and references for each vulnerability.

BrainStormForce operates as a provider of enterprise collaboration and knowledge management solutions, primarily serving organizations seeking centralized information sharing platforms. Security audits have identified forty-nine Common Vulnerabilities and Exposures (CVEs) associated with its software ecosystem, indicating a significant historical attack surface. The most prevalent vulnerability classes include Cross-Site Scripting (XSS), which allows attackers to inject malicious scripts into web pages viewed by other users, and Remote Code Execution (RCE) flaws that enable unauthorized control over server systems. Additionally, instances of broken access control and privilege escalation have been documented, suggesting weaknesses in user permission management. While no single catastrophic data breach has been widely publicized as a direct result of these specific CVEs, the cumulative nature of these flaws highlights the necessity for rigorous patch management and continuous security monitoring to mitigate risks within deployed environments.

Found 7 results / 49Clear Filters
Top products by brainstormforce: Spectra Gutenberg Blocks – Website Builder for the Block Editor Ultimate Addons for Elementor SureForms – Contact Form, Payment Form & Other Custom Form Builder Ultimate Addons for Beaver Builder – Lite CartFlows – Funnel Builder & Checkout Plugin for WooCommerce Starter Templates – AI-Powered Templates for Elementor & Gutenberg Astra Custom Fonts – Host Your Fonts Locally OttoKit: All-in-One Automation Platform SureForms – Drag and Drop Form Builder for WordPress Starter Templates — Elementor, Gutenberg & Beaver Builder Templates Import / Export Customizer Settings Lightweight Sidebar Manager SureMail – SMTP and Email Logs Plugin with Amazon SES, Postmark, and Other Providers
CVE IDTitleCVSSSeverityPublished
CVE-2026-4987 SureForms <= 2.5.2 - Unauthenticated Payment Amount Validation Bypass via 'form_id' — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-20 7.5 High2026-03-28
CVE-2025-14855 SureForms <= 2.2.0 - Unauthenticated Stored Cross-Site Scripting — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-79 7.2 High2025-12-21
CVE-2025-12535 SureForms <= 1.13.1 - Cross-Site Request Forgery Protection Bypass via Improper Nonce Distribution — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-352 5.3 Medium2025-11-19
CVE-2025-12536 SureForms <= 1.13.1 - Missing Authorization to Unauthenticated Sensitive Information Exposure — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-359 5.3 Medium2025-11-13
CVE-2025-10732 SureForms – Drag and Drop Form Builder for WordPress <= 1.12.1 - Missing Authorization to Authenticated (Contributor+) Information Disclosure — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-862 4.3 Medium2025-10-14
CVE-2025-10489 SureForms – Drag and Drop Form Builder for WordPress <= 1.12.0 - Missing Authorization to Authenticated (Contributor+) Form Creation — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-862 4.3 Medium2025-09-20
CVE-2024-12713 SureForms – Drag and Drop Form Builder for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Protected Post Disclosure — SureForms – Contact Form, Payment Form & Other Custom Form BuilderCWE-862 5.3 Medium2025-01-08

This page lists every published CVE security advisory associated with brainstormforce. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.