GCVE - cpe:2.3:a:brainstorm_force:spectra:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:brainstorm_force:spectra:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Brainstorm Force (`ed596997-4e58-5bba-8739-dbf2a1ffb70e`)
Product	Spectra (`30f1cd88-2154-51ef-bbe0-32f2a4d314d1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-42648`	vulnerable	2026-06-03 15:25:01.438216	WordPress Spectra plugin <= 2.19.22 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.22. Published: 2026-04-29T10:40:45.921Z Updated: 2026-05-12T11:03:21.810Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/ultimate-addons-for-gutenberg/vulnerability/wordpress-spectra-plugin-2-19-22-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-24982`	vulnerable	2026-06-03 15:16:53.715628	WordPress Spectra plugin <= 2.19.17 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.17. Published: 2026-02-03T14:08:35.807Z Updated: 2026-04-28T16:14:52.596Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/ultimate-addons-for-gutenberg/vulnerability/wordpress-spectra-plugin-2-19-17-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-7590`	vulnerable	2026-06-03 14:58:06.472314	WordPress Spectra plugin<= 2.14.1 - Cross Site Scripting (XSS) vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows DOM-Based XSS.This issue affects Spectra: from n/a through <= 2.14.1. Published: 2024-08-12T21:47:59.631Z Updated: 2026-04-28T16:10:57.336Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/ultimate-addons-for-gutenberg/vulnerability/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-14-1-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37517`	vulnerable	2026-06-03 14:56:06.845548	WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.13.7. Published: 2024-11-01T14:18:11.894Z Updated: 2026-04-28T16:10:00.563Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-plugin-2-13-7-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-36679`	vulnerable	2026-06-03 14:52:27.047909	WordPress Spectra plugin <= 2.6.6 - Server Side Request Forgery (SSRF) vulnerability HIGH (7.1) Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6. Published: 2024-03-28T05:58:25.636Z Updated: 2026-04-28T16:08:31.768Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-plugin-2-6-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-36676`	vulnerable	2026-06-03 14:52:27.033612	WordPress Spectra plugin <= 2.6.6 - Broken Access Control vulnerability MEDIUM (5.4) Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6. Published: 2024-06-19T13:52:41.584Z Updated: 2026-04-28T16:08:31.655Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-plugin-2-6-6-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23834`	vulnerable	2026-06-03 14:49:28.779515	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Activate_Plugin vulnerability MEDIUM (4.3) Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0. Published: 2024-12-09T11:31:48.575Z Updated: 2026-04-28T16:08:03.289Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/plugin/ultimate-addons-for-gutenberg/vulnerability/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-broken-access-control-csrf-on-activate-plugin-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23825`	vulnerable	2026-06-03 14:49:28.756395	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability LOW (3.1) Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0. Published: 2024-12-09T11:31:49.415Z Updated: 2026-04-28T16:08:02.905Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/plugin/ultimate-addons-for-gutenberg/vulnerability/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-broken-access-control-csrf-on-import-wpforms-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23738`	vulnerable	2026-06-03 14:49:28.589103	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Unauthenticated Email Spoofing Vulnerability MEDIUM (5.3) Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Brainstorm Force Spectra allows Content Spoofing, Phishing.This issue affects Spectra: from n/a through 2.3.0. Published: 2024-06-03T21:33:35.646Z Updated: 2026-04-28T16:08:01.636Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-unauthenticated-email-spoofing-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23735`	vulnerable	2026-06-03 14:49:28.585674	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Unauthenticated Email HTML Injection Vulnerability MEDIUM (5.3) Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brainstorm Force Spectra allows Code Injection.This issue affects Spectra: from n/a through 2.3.0. Published: 2024-06-03T21:26:09.020Z Updated: 2026-04-28T16:08:01.683Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-unauthenticated-email-html-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23730`	vulnerable	2026-06-03 14:49:28.570518	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Captcha Bypass Vulnerability MEDIUM (5.3) Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass.This issue affects Spectra: from n/a through 2.3.0. Published: 2024-06-03T21:24:35.797Z Updated: 2026-04-28T16:08:01.567Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/ultimate-addons-for-gutenberg/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-captcha-bypass-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23729`	vulnerable	2026-06-03 14:49:28.568021	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Contributor+ reCAPTCHA Settings Change Vulnerability MEDIUM (5.4) Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0. Published: 2025-12-09T16:40:37.764Z Updated: 2026-04-28T16:08:01.547Z Open on db.gcve.eu Reference links https://vdp.patchstack.com/database/wordpress/plugin/ultimate-addons-for-gutenberg/vulnerability/wordpress-spectra-wordpress-gutenberg-blocks-plugin-2-3-0-contributor-recaptcha-settings-change-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.