cleantalk
Vulnerabilities and Security Researches

Astra Bulk Edit, 7d35cfd40271f63ee9a19845bd8b5aefb7ca031e

CVE, Research URL

7d35cfd40271f63ee9a19845bd8b5aefb7ca031e

Home page URL

Security reports for Astra Bulk Edit

Application

Astra Bulk Edit

Published on
-
Research Description
Astra Bulk Edit [astra-bulk-edit] < 1.2.8 WordPress Astra Bulk Edit Plugin <= 1.2.7 is vulnerable to Broken Access Control Update the WordPress Astra Bulk Edit plugin to the latest available version (at least 1.2.8). Rafie Muhammad (Patchstack) discovered and reported this Broken Access Control vulnerability in WordPress Astra Bulk Edit Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has been fixed in version 1.2.8.
Affected versions
max 1.2.8.
Status
vulnerable
Previous vulnerability researches
Astra Bulk Edit (CVE-2026-32431) , Mar 29, 2026
Astra Bulk Edit (7d35cfd40271f63ee9a19845bd8b5aefb7ca031e) , Jun 07, 2024
Astra Bulk Edit (CVE-2023-44148) , Jun 10, 2024
New vulnerability
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-27327) , Mar 29, 2026
Strong Testimonials (CVE-2026-24957) , Mar 29, 2026
BackWPup &#8211; WordPress Backup Plugin (CVE-2025-15041) , Mar 29, 2026
hCaptcha for WordPress (CVE-2026-25315) , Mar 29, 2026
Breeze &#8211; WordPress Cache Plugin (CVE-2025-13864) , Mar 29, 2026