CVE-2026-32431
DOM-Based XSS in Astra Bulk Edit Plugin Allows Code Injection
Publication date: 2026-03-13
Last updated on: 2026-03-13
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| brainstorm_force | astra_bulk_edit | to 1.2.10 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can lead to the execution of malicious scripts on your website, which may result in unauthorized redirects, display of unwanted advertisements, or other harmful HTML payloads.
Because exploitation requires interaction by a privileged user, the risk is somewhat limited but still significant as it can compromise the integrity and security of your website.
The vulnerability has a moderate severity with a CVSS score of 6.5, indicating potential impacts on confidentiality, integrity, and availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a DOM-Based Cross Site Scripting (XSS) affecting the Astra Bulk Edit WordPress plugin up to version 1.2.10. Detection involves identifying if the vulnerable plugin version is installed and if privileged users (Contributor or Developer roles) have interacted with potentially malicious inputs.
There are no specific commands provided in the resources to detect exploitation on your network or system. However, general detection methods include:
- Checking the installed version of the Astra Bulk Edit plugin to see if it is version 1.2.10 or earlier.
- Monitoring web server logs for suspicious requests or unusual input patterns that could indicate attempted script injection.
- Using web application security scanners that can detect XSS vulnerabilities in web applications.
- Reviewing user activity logs for privileged users interacting with suspicious links or forms.
What immediate steps should I take to mitigate this vulnerability?
The primary immediate mitigation step is to update the Astra Bulk Edit plugin to version 1.2.11 or later, where this vulnerability has been patched.
Additional mitigation options include enabling auto-updates for the plugin to ensure timely application of security patches.
Limiting privileged user interactions with untrusted links or forms can reduce the risk of exploitation, as exploitation requires user interaction by privileged roles.
Can you explain this vulnerability to me?
CVE-2026-32431 is a Cross Site Scripting (XSS) vulnerability affecting the WordPress Astra Bulk Edit Plugin versions up to and including 1.2.10.
This vulnerability allows a malicious actor to inject and execute malicious scriptsβsuch as redirects, advertisements, or other HTML payloadsβon websites using the affected plugin.
Exploitation requires user interaction by a privileged user (Contributor or Developer role), who must perform an action like clicking a malicious link, visiting a crafted page, or submitting a form.