Vulnerabilities and security researches forastra-bulk-edit astra-bulk-edit
Direction: ascendingJun 07, 2024
Astra Bulk Edit # 7d35cfd40271f63ee9a19845bd8b5aefb7ca031e
- CVE, Research URL
- Home page URL
- Application
- Date
- -
- Research Description
- Astra Bulk Edit [astra-bulk-edit] < 1.2.8 WordPress Astra Bulk Edit Plugin <= 1.2.7 is vulnerable to Broken Access Control Update the WordPress Astra Bulk Edit plugin to the latest available version (at least 1.2.8). Rafie Muhammad (Patchstack) discovered and reported this Broken Access Control vulnerability in WordPress Astra Bulk Edit Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has been fixed in version 1.2.8.
- Affected versions
-
max 1.2.8.
- Status
-
vulnerable
Jun 10, 2024
Astra Bulk Edit # CVE-2023-44148
- CVE, Research URL
- Home page URL
- Application
- Date
- Jun 19, 2024
- Research Description
- Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.
- Affected versions
-
max 1.2.8.
- Status
-
vulnerable
Mar 29, 2026
Astra Bulk Edit # CVE-2026-32431
- CVE, Research URL
- Home page URL
- Application
- Date
- Mar 14, 2026
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Bulk Edit astra-bulk-edit allows DOM-Based XSS.This issue affects Astra Bulk Edit: from n/a through <= 1.2.10.
- Affected versions
-
max 1.2.10.
- Status
-
vulnerable