Astra Security & Risk Analysis
wordpress.org/themes/astraThe Astra WordPress theme is lightning-fast and highly customizable. It has over 1 million downloads and the only theme in the world with 6,000+ five-star reviews! It’s ideal for professional web designers, solopreneurs, small businesses, eCommerce, membership sites and any type ...
v4.12.5 1.0M active installs brainstormforce Updated Mar 16, 2026
Is Astra Safe to Use in 2026?
Generally Safe
Score 96/100Astra has a strong security track record. Known vulnerabilities have been patched promptly.
3 known CVEsLast CVE: Mar 10, 2026Updated 18d ago
Astra Security Vulnerabilities 3
CVEs by Year
2 CVEs in 2024
1 CVE in 2026
Patched Has unpatched
Severity Breakdown
Medium
3
3 total CVEs
CVE-2026-3534medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Astra <= 4.12.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta
Mar 10, 2026 Patched in 4.12.4 (1d)
CVE-2024-29768medium · 5.5Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Astra <= 4.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting via Theme Header/Footer
Mar 25, 2024 Patched in 4.6.5 (4d)
CVE-2024-2347medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Astra <= 4.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Display Name
Mar 25, 2024 Patched in 4.6.9 (16d)
Developer Profile
Brainstorm Force
32 plugins · 8.6M total installs
78
trust score
Avg Security Score
98/100
Avg Patch Time
196 days