Brainstormforce Spectra

18 CVEs affecting Brainstormforce Spectra. Latest disclosed: 2024-12-09. Critical: 0, High: 1.

Top CVEs affecting Brainstormforce Spectra
CVESeverityScorePublishedSummary
CVE-2023-36679High7.12024-03-28Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
CVE-2024-7590Medium6.52024-08-12Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg al…
CVE-2023-49833Medium6.52023-12-14Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Spectra – WordPress Gutenberg Blocks all…
CVE-2024-10484Medium6.42024-12-03The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Team' widget in all versions up to…
CVE-2024-4366Medium6.42024-05-24The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘block_id’ parameter in versions up to, and…
CVE-2024-1815Medium6.42024-05-23The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Gallery block in all versions…
CVE-2024-1814Medium6.42024-05-23The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Testimonial block in all versions u…
CVE-2023-6486Medium6.42024-04-09The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom CSS metabox in all versions up to and…
CVE-2020-36702Medium5.52023-06-07The Ultimate Addons for Gutenberg plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 1.14.7. This is due to…
CVE-2023-36676Medium5.42024-06-19Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
CVE-2020-36656Medium5.42023-02-21The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS att…
CVE-2023-23738Medium5.32024-06-03Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Brainstorm Force Spectra allows Content Spo…
CVE-2023-23735Medium5.32024-06-03Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brainstorm Force Spectra allows Code Injection.This issue affect…
CVE-2023-23730Medium5.32024-06-03Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: fro…
CVE-2023-23834Medium4.32024-12-09Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spec…
CVE-2024-37517Medium4.32024-11-01Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spec…
CVE-2024-3107Medium4.32024-05-02The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 2.12.6 via the get_block_defaul…
CVE-2023-23825Low3.12024-12-09Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spec…