Cross-Site Request Forgery Vulnerability in Starter Templates by Brainstorm Force
CVE-2025-24568

4.3MEDIUM

Key Information:

Vendor

WordPress
Status
Starter Templates
Vendor
CVE Published:
24 January 2025

What is CVE-2025-24568?

The Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates allows attackers to execute unauthorized actions on behalf of authenticated users. This weakness affects all versions from n/a up to 4.4.9, placing users at risk of potential security breaches. Proper validation and security measures should be implemented to mitigate this issue.

Affected Version(s)

Starter Templates <= 4.4.9

References

https://patchstack.com/database/wordpress/plugin/astra-si...
vdb-entry

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Rafie Muhammad (Patchstack)
.