[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTnWysXvY5jVmfcNXUk55qBZKcxTfAmCf_5wXCF79mLk":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":57,"analysis":58,"fingerprints":114},"astra-bulk-edit","Astra Bulk Edit","1.2.11","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Cp>The Astra Bulk Edit plugin is useful for editing Astra Meta settings on a number of pages\u002Fposts at once.\u003C\u002Fp>\n\u003Cp>Some examples:\u003Cbr \u002F>\n1. Enable or Disable the Page Title from multiple pages.\u003Cbr \u002F>\n2. Make the pages full width.\u003C\u002Fp>\n\u003Cp>It reduces the pain of opening each page\u002Fpost and modifying it as required.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The Astra Bulk Edit plugin is created for the \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002F?utm_source=wp-repo&utm_campaign=astra-bulk-edit&utm_medium=description\" rel=\"nofollow ugc\">Astra theme\u003C\u002Fa>. You should have the Astra theme installed and activated on your website.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FmQlTDTXQ8aw?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>What’s More?\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.brainstormforce.com\u002Fgo\u002Fastra-hooks\u002F?utm_source=wp-repo&utm_campaign=astra-bulk-edit&utm_medium=plugins\" rel=\"nofollow ugc\">Astra Hooks\u003C\u002Fa>: The Astra Hooks plugin allows you to insert actions throughout the theme. It allows you to hook custom content, JavaScript code, shortcodes, etc in various hook locations.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.brainstormforce.com\u002Fgo\u002Fastra-customizer-reset\u002F?utm_source=wp-repo&utm_campaign=astra-bulk-edit&utm_medium=plugins\" rel=\"nofollow ugc\">Astra Customizer Reset\u003C\u002Fa>: Wish to revert some customization settings that you’ve made in the Astra theme? The Astra Customizer Reset plugin allows you to do this through the customizer itself.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.brainstormforce.com\u002Fgo\u002Fcustom-typekit-fonts\u002F?utm_source=wp-repo&utm_campaign=astra-bulk-edit&utm_medium=plugins\" rel=\"nofollow ugc\">Custom Typekit Fonts\u003C\u002Fa>: The Custom Typekit Font plugin lets you to extend font support from typekit.\u003C\u002Fp>\n","An easy-to-use plugin for the Astra theme that lets you edit Page Meta Settings for multiple pages\u002Fposts at once.",30000,762533,80,4,"2026-02-26T04:50:00.000Z","6.9.4","4.4","5.2",[20,21,22,23,24],"astra-meta-settings","bulk-edit-astra-meta-settings","meta-settings-bulk-edit","page-bulk-edit","wordpress-bulk-edit-plugin","http:\u002F\u002Fwww.wpastra.com\u002Fpro\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fastra-bulk-edit.1.2.11.zip",100,1,0,"2023-09-22 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2023-44148","astra-bulk-edit-missing-authorization","Astra Bulk Edit \u003C= 1.2.7 - Missing Authorization","The Astra Bulk Edit plugin for WordPress is vulnerable to unauthorized missing authorization due to a missing capability check on the save_post_bulk_edit function in versions up to, and including, 1.2.7. This makes it possible for attackers with contributor-level access or higher to bulk edit posts.",null,"\u003C1.2.8","1.2.8","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2024-01-22 19:56:02",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F2548d5b0-1f1a-4847-a5ea-e3bb6f7a5013?source=api-prod",123,{"slug":50,"display_name":7,"profile_url":8,"plugin_count":51,"total_installs":52,"avg_security_score":53,"avg_patch_time_days":54,"trust_score":55,"computed_at":56},"brainstormforce",32,8627510,98,196,78,"2026-04-03T23:32:42.548Z",[],{"attackSurface":59,"codeSignals":94,"taintFlows":107,"riskAssessment":108,"analyzedAt":113},{"hooks":60,"ajaxHandlers":84,"restRoutes":91,"shortcodes":92,"cronEvents":93,"entryPointCount":28,"unprotectedCount":29},[61,68,73,76,80],{"type":62,"name":63,"callback":64,"priority":65,"file":66,"line":67},"action","admin_init","setup_admin_init",999,"classes\\class-astra-blk-meta-boxes-bulk-edit.php",50,{"type":62,"name":69,"callback":70,"priority":71,"file":66,"line":72},"bulk_edit_custom_box","display_quick_edit_custom",10,53,{"type":62,"name":74,"callback":70,"priority":71,"file":66,"line":75},"quick_edit_custom_box",54,{"type":62,"name":77,"callback":78,"file":66,"line":79},"admin_enqueue_scripts","enqueue_admin_scripts_and_styles",56,{"type":62,"name":81,"callback":82,"file":66,"line":83},"save_post","save_meta_box",58,[85],{"action":86,"nopriv":87,"callback":88,"hasNonce":89,"hasCapCheck":89,"file":66,"line":90},"astra_save_post_bulk_edit",false,"save_post_bulk_edit",true,60,[],[],[],{"dangerousFunctions":95,"sqlUsage":96,"outputEscaping":98,"fileOperations":29,"externalRequests":29,"nonceChecks":104,"capabilityChecks":105,"bundledLibraries":106},[],{"prepared":29,"raw":29,"locations":97},[],{"escaped":99,"rawEcho":28,"locations":100},31,[101],{"file":66,"line":102,"context":103},367,"raw output",2,3,[],[],{"summary":109,"deductions":110},"The astra-bulk-edit plugin version 1.2.11 exhibits a generally strong security posture based on the static analysis. The absence of dangerous functions, file operations, and external HTTP requests is commendable. SQL queries are exclusively handled with prepared statements, and a high percentage of outputs are properly escaped, significantly reducing the risk of common web vulnerabilities like SQL injection and XSS. The presence of nonce and capability checks on entry points further bolsters its defenses against unauthorized access and actions.\n\nDespite these strengths, a past vulnerability classified as 'Missing Authorization' in late 2023, even though currently unpatched in known CVEs, warrants attention. While the static analysis indicates no immediate authorization issues within the analyzed code, this historical pattern suggests a potential recurring weakness or an area that requires vigilant monitoring. The limited attack surface of a single AJAX handler, which crucially has authorization checks, is a positive indicator. However, a single unpatched medium severity vulnerability, even if historical, is enough to prevent a perfect score and necessitates careful consideration.\n\nIn conclusion, the plugin demonstrates good security practices, particularly in its handling of database queries and output sanitization. The presence of security checks on its single entry point is a positive sign. The primary concern stems from a past medium severity vulnerability related to missing authorization. While there are no current unpatched CVEs or critical static analysis findings, this history suggests that developers should remain diligent in thoroughly reviewing authorization logic for any potential future issues.",[111],{"reason":112,"points":71},"Past medium severity vulnerability: Missing Authorization","2026-03-16T17:23:09.203Z",{"wat":115,"direct":123},{"assetPaths":116,"generatorPatterns":118,"scriptPaths":119,"versionParams":120},[117],"\u002Fwp-content\u002Fplugins\u002Fastra-bulk-edit\u002Fclasses\u002Fclass-astra-blk-meta-boxes-bulk-edit.php",[],[],[121,122],"astra-bulk-edit\u002Fclasses\u002Fclass-astra-blk-meta-boxes-bulk-edit.php?ver=","astra-bulk-edit.php?ver=",{"cssClasses":124,"htmlComments":127,"htmlAttributes":130,"restEndpoints":133,"jsGlobals":135,"shortcodeOutput":137},[125,126],"astra-bulk-edit-wrap","astra-bulk-edit-container",[128,129],"Bulk Edit For Astra","Meta Boxes setup",[131,132],"data-astra-bulk-edit-nonce","data-astra-bulk-edit-post-ids",[134],"\u002Fwp-json\u002Fastra-bulk-edit\u002Fv1\u002Fsave",[136],"AstraBulkEdit",[]]