Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

boldgrid — Vulnerabilities & Security Advisories 42

Browse all 42 CVE security advisories affecting boldgrid. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products boldgrid:W3 Total CacheClient Invoicing by Sprout InvoicesTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGridPost and Page Builder by BoldGrid – Visual Drag and Drop EditorPost and Page Builder by BoldGridSprout ClientsweForms – Easy Drag & Drop Contact Form Builder For WordPressBoldGrid Easy SEO – Simple and Effective SEOweFormsTotal UpkeepHelp Scout
CVE IDTitleCVSSSeverityPaused
CVE-2026-39562 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.10 - Broken Access Control vulnerability — Client Invoicing by Sprout InvoicesCWE-862 9.1AICriticalAI2026-04-08
CVE-2026-5032 W3 Total Cache <= 2.9.3 - Unauthenticated Security Token Exposure via User-Agent Header — W3 Total CacheCWE-200 7.5 High2026-04-02
CVE-2026-32484 WordPress weForms plugin <= 1.6.26 - PHP Object Injection vulnerability — weFormsCWE-502 9.8 -2026-03-25
CVE-2026-32424 WordPress Sprout Clients plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability — Sprout ClientsCWE-79 5.4 -2026-03-13
CVE-2026-32401 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.9 - Local File Inclusion vulnerability — Client Invoicing by Sprout InvoicesCWE-98 9.1 -2026-03-13
CVE-2026-2707 weForms <= 1.6.27 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Hidden Field Value via REST API — weForms – Easy Drag & Drop Contact Form Builder For WordPressCWE-79 6.4 Medium2026-03-11
CVE-2026-27384 WordPress W3 Total Cache plugin <= 2.9.1 - Arbitrary Code Execution vulnerability — W3 Total CacheCWE-1284 7.5 -2026-03-05
CVE-2026-25364 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.8 - Broken Access Control vulnerability — Client Invoicing by Sprout InvoicesCWE-862 9.1AICriticalAI2026-02-19
CVE-2025-69345 WordPress Post and Page Builder by BoldGrid plugin <= 1.27.9 - Broken Access Control vulnerability — Post and Page Builder by BoldGridCWE-862 4.3 Medium2026-01-06
CVE-2025-69028 WordPress weForms plugin <= 1.6.25 - Broken Access Control vulnerability — weFormsCWE-862 9.1 -2025-12-30
CVE-2025-66118 WordPress Sprout Clients plugin <= 3.2.1 - Cross Site Scripting (XSS) vulnerability — Sprout ClientsCWE-79 6.1AIMediumAI2025-12-18
CVE-2025-64227 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.7 - PHP Object Injection vulnerability — Client Invoicing by Sprout InvoicesCWE-502 9.8AICriticalAI2025-12-18
CVE-2025-64229 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.7 - Broken Access Control vulnerability — Client Invoicing by Sprout InvoicesCWE-862 9.1AICriticalAI2025-10-29
CVE-2025-52712 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.27.8 - Path Traversal Vulnerability — Post and Page Builder by BoldGridCWE-35 4.2 Medium2025-08-14
CVE-2020-36848 Total Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup Download — Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGridCWE-200 7.5 High2025-07-12
CVE-2025-52711 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.8 - Cross Site Request Forgery (CSRF) Vulnerability — Post and Page Builder by BoldGridCWE-352 4.3 Medium2025-06-20
CVE-2025-52713 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.8 - Server Side Request Forgery (SSRF) Vulnerability — Post and Page Builder by BoldGridCWE-918 6.4 Medium2025-06-20
CVE-2025-31797 WordPress Sprout Clients plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability — Sprout ClientsCWE-79 6.5 Medium2025-04-01
CVE-2025-2257 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command Injection — Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGridCWE-78 7.2 High2025-03-26
CVE-2024-13907 Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request Forgery — Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGridCWE-918 4.9 Medium2025-02-27
CVE-2025-0859 Post and Page Builder by BoldGrid <= 1.27.6 - Path Traversal to Authenticated (Contributor+) Arbitrary File Read via template_via_url Function — Post and Page Builder by BoldGrid – Visual Drag and Drop EditorCWE-22 6.5 Medium2025-02-06
CVE-2025-24606 WordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerability — Client Invoicing by Sprout InvoicesCWE-862 8.1 -2025-01-27
CVE-2025-22759 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability — Post and Page Builder by BoldGridCWE-79 6.5 Medium2025-01-15
CVE-2024-12008 W3 Total Cache <= 2.8.1 Information Exposure via Log Files — W3 Total CacheCWE-200 5.3 Medium2025-01-14
CVE-2024-12006 W3 Total Cache <= 2.8.1 Missing Authorization to Unauthenticated Plugin Deactivation and Extensions Activation/Deactivation — W3 Total CacheCWE-862 5.3 Medium2025-01-14
CVE-2024-12365 W3 Total Cache <= 2.8.1 - Authenticated (Subscriber+) Missing Authorization to Server-Side Request Forgery — W3 Total CacheCWE-862 8.5 High2025-01-14
CVE-2025-22512 WordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerability — Help ScoutCWE-862 4.3 Medium2025-01-07
CVE-2024-53819 WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References (IDOR) vulnerability — Client Invoicing by Sprout InvoicesCWE-862 5.3 Medium2024-12-09
CVE-2024-9461 Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings — Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGridCWE-78 7.2 High2024-11-26
CVE-2023-5359 W3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in Plaintext — W3 Total CacheCWE-200 3.7 Low2024-09-24

This page lists every published CVE security advisory associated with boldgrid. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.