4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Vulnerabilities in Brainstorm Force\",\"url\":\"https://vexday.io/en/vendor/Brainstorm%20Force\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":66},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Technologies\",\"item\":\"https://vexday.io/en/vendors\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Brainstorm Force\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/vendors","children":"Technologies"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"Brainstorm Force"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Vulnerabilities in"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"Brainstorm Force"}]]}],["$","span",null,{"className":"t","children":["66"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2025-27007",{"className":"item","href":"/en/cve/CVE-2025-27007","children":[["$","span",null,{"className":"cid","children":"CVE-2025-27007"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"50.2%"}]]}],false]}]]}],["$","$La","CVE-2024-3240",{"className":"item","href":"/en/cve/CVE-2024-3240","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3240"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"ConvertPlug <= 3.5.25 - Authenticated (Contributor+) PHP Object Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.8%"}]]}],false]}]]}],["$","$La","CVE-2023-49830",{"className":"item","href":"/en/cve/CVE-2023-49830","children":[["$","span",null,{"className":"cid","children":"CVE-2023-49830"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Astra Pro Plugin <= 4.3.1 is vulnerable to Remote Code Execution (RCE)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.7%"}]]}],false]}]]}],["$","$La","CVE-2023-23834",{"className":"item","href":"/en/cve/CVE-2023-23834","children":[["$","span",null,{"className":"cid","children":"CVE-2023-23834"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Activate_Plugin vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2024-4838",{"className":"item","href":"/en/cve/CVE-2024-4838","children":[["$","span",null,{"className":"cid","children":"CVE-2024-4838"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"ConvertPlus <= 3.5.26 - Authenticated (Contributor+) PHP Object Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2024-3828",{"className":"item","href":"/en/cve/CVE-2024-3828","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3828"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Spectra Pro <= 1.1.5 - Authenticated (Author+) Privilege Escalation"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2023-51401",{"className":"item","href":"/en/cve/CVE-2023-51401","children":[["$","span",null,{"className":"cid","children":"CVE-2023-51401"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.13 - Limited Arbitrary File Download vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2023-49833",{"className":"item","href":"/en/cve/CVE-2023-49833","children":[["$","span",null,{"className":"cid","children":"CVE-2023-49833"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Spectra Plugin <= 2.7.9 is vulnerable to Cross Site Scripting (XSS)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2023-51398",{"className":"item","href":"/en/cve/CVE-2023-51398","children":[["$","span",null,{"className":"cid","children":"CVE-2023-51398"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.14 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2023-50890",{"className":"item","href":"/en/cve/CVE-2023-50890","children":[["$","span",null,{"className":"cid","children":"CVE-2023-50890"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Ultimate Addons for Elementor plugin <= 1.36.20 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2023-23825",{"className":"item","href":"/en/cve/CVE-2023-23825","children":[["$","span",null,{"className":"cid","children":"CVE-2023-23825"}],["$","span",null,{"className":"sevtag LOW","children":"LOW"}],["$","span",null,{"className":"tt2","children":"WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-12434",{"className":"item","href":"/en/cve/CVE-2024-12434","children":[["$","span",null,{"className":"cid","children":"CVE-2024-12434"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"SureMembers <= 1.10.6 - Sensitive Information Exposure"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2023-46205",{"className":"item","href":"/en/cve/CVE-2023-46205","children":[["$","span",null,{"className":"cid","children":"CVE-2023-46205"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.19.14 - Local File Inclusion vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-37455",{"className":"item","href":"/en/cve/CVE-2024-37455","children":[["$","span",null,{"className":"cid","children":"CVE-2024-37455"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Ultimate Addons for elementor plugin <= 1.36.31 - Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2023-36684",{"className":"item","href":"/en/cve/CVE-2023-36684","children":[["$","span",null,{"className":"cid","children":"CVE-2023-36684"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Convert Pro plugin <= 1.7.5 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2023-36676",{"className":"item","href":"/en/cve/CVE-2023-36676","children":[["$","span",null,{"className":"cid","children":"CVE-2023-36676"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Spectra plugin <= 2.6.6 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-13800",{"className":"item","href":"/en/cve/CVE-2024-13800","children":[["$","span",null,{"className":"cid","children":"CVE-2024-13800"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Popup Plugin For WordPress - ConvertPlus <= 3.5.30 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-37517",{"className":"item","href":"/en/cve/CVE-2024-37517","children":[["$","span",null,{"className":"cid","children":"CVE-2024-37517"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2023-44148",{"className":"item","href":"/en/cve/CVE-2023-44148","children":[["$","span",null,{"className":"cid","children":"CVE-2023-44148"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Astra Bulk Edit plugin <= 1.2.7 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2026-49781",{"className":"item","href":"/en/cve/CVE-2026-49781","children":[["$","span",null,{"className":"cid","children":"CVE-2026-49781"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress OttoKit plugin <= 1.1.27 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← previous"}],["$","span",null,{"className":"pgnum","children":["page"," ","1"," / ","4"]}],["$","$La",null,{"href":"?page=2","children":"next →"}]]}]]}]