| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-0859 | Post and Page Builder by BoldGrid <= 1.27.6 - Path Traversal to Authenticated (Contributor+) Arbitrary File Read via template_via_url Function | boldgrid | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Medium | 6.5 | 2025-02-06 09:21:18 | Deep Dive |
| CVE-2025-24606 | WordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerability | BoldGrid | Client Invoicing by Sprout Invoices | 中危 | - | 2025-01-27 14:22:16 | Deep Dive |
| CVE-2025-22759 | WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability | BoldGrid | Post and Page Builder by BoldGrid | Medium | 6.5 | 2025-01-15 15:23:25 | Deep Dive |
| CVE-2024-12008 | W3 Total Cache <= 2.8.1 Information Exposure via Log Files | boldgrid | W3 Total Cache | Medium | 5.3 | 2025-01-14 07:05:41 | Deep Dive |
| CVE-2024-12006 | W3 Total Cache <= 2.8.1 Missing Authorization to Unauthenticated Plugin Deactivation and Extensions Activation/Deactivation | boldgrid | W3 Total Cache | Medium | 5.3 | 2025-01-14 07:05:41 | Deep Dive |
| CVE-2024-12365 | W3 Total Cache <= 2.8.1 - Authenticated (Subscriber+) Missing Authorization to Server-Side Request Forgery | boldgrid | W3 Total Cache | High | 8.5 | 2025-01-14 07:05:40 | Deep Dive |
| CVE-2025-22512 | WordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerability | BoldGrid | Help Scout | Medium | 4.3 | 2025-01-07 14:57:36 | Deep Dive |
| CVE-2024-53819 | WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References (IDOR) vulnerability | BoldGrid | Client Invoicing by Sprout Invoices | Medium | 5.3 | 2024-12-09 12:26:57 | Deep Dive |
| CVE-2024-9461 | Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings | boldgrid | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid | High | 7.2 | 2024-11-26 13:56:54 | Deep Dive |
| CVE-2023-5359 | W3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in Plaintext | boldgrid | W3 Total Cache | Low | 3.7 | 2024-09-24 07:30:45 | Deep Dive |
| CVE-2024-6848 | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.26.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via File Upload | boldgrid | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Medium | 6.4 | 2024-07-20 11:18:28 | Deep Dive |
| CVE-2024-24869 | WordPress Total Upkeep plugin <= 1.15.8 - Arbitrary File Download vulnerability | BoldGrid | Total Upkeep | High | 7.5 | 2024-05-17 08:48:23 | Deep Dive |
| CVE-2024-4400 | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.26.4 - Authenticated (Contributer+) Stored Cross-Site Scripting | boldgrid | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Medium | 6.4 | 2024-05-16 11:05:29 | Deep Dive |
| CVE-2024-2950 | BoldGrid Easy SEO – Simple and Effective SEO <= 1.6.14 - Information Exposure | boldgrid | BoldGrid Easy SEO – Simple and Effective SEO | Medium | 5.3 | 2024-04-06 03:24:45 | Deep Dive |
| CVE-2024-1692 | BoldGrid Easy SEO – Simple and Effective SEO <= 1.6.13 - Authenticated(Contributor+) Stored Cross-Site Scripting via Meta Description | boldgrid | BoldGrid Easy SEO – Simple and Effective SEO | Medium | 6.4 | 2024-03-30 04:31:07 | Deep Dive |
| CVE-2024-2888 | WordPress Post and Page Builder by BoldGrid plugin <= 1.26.2 - Cross Site Scripting (XSS) vulnerability | BoldGrid | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Medium | 6.5 | 2024-03-26 05:41:02 | Deep Dive |
| CVE-2024-0386 | weForms <= 1.6.21 - Unauthenticated Stored Cross-Site Scripting via Referer | boldgrid | weForms – Easy Drag & Drop Contact Form Builder For WordPress | High | 7.2 | 2024-03-12 21:34:34 | Deep Dive |
| CVE-2023-25480 | WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor Plugin <= 1.24.1 is vulnerable to Cross Site Request Forgery (CSRF) | BoldGrid | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Medium | 4.3 | 2023-10-06 12:41:33 | Deep Dive |
| CVE-2022-4932 | Total Upkeep <= 1.14.13 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure | boldgrid | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid | Medium | 4.3 | 2023-03-07 14:47:47 | Deep Dive |
| CVE-2021-24452 | W3 Total Cache < 2.1.5 - Reflected XSS in Extensions Page (JS Context) | BoldGrid | W3 Total Cache | 中危 | - | 2021-07-19 10:53:17 | Deep Dive |