Skip to main content

Starter Templates

3 CVEs product

Monthly

CVE-2024-13924 MEDIUM This Month

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'http_request_host_is_external' filter. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SSRF Starter Templates
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2023-41804 HIGH This Week

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates - Elementor, WordPress & Beaver Builder Templates.2.4. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

SSRF WordPress Starter Templates
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2021-42360 MEDIUM POC This Month

On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Starter Templates
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 5.3
MEDIUM This Month

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'http_request_host_is_external' filter. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SSRF Starter Templates
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates - Elementor, WordPress & Beaver Builder Templates.2.4. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

SSRF WordPress Starter Templates
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

On sites that also had the Elementor plugin for WordPress installed, it was possible for users with the edit_posts capability, which includes Contributor-level users, to import blocks onto any page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Starter Templates
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy