PT-2026-23258

Name of the Vulnerable Software and Affected Versions BoldGrid W3 Total Cache versions through 2.9.1 Description The software contains an improper validation of specified quantity in input, potentially allowing access to functionality not properly constrained by access control lists ACLs...

WordPress Post and Page Builder by BoldGrid plugin <= 1.26.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via File Upload vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via File Upload vulnerability discovered by wesley wcraft in WordPress Plugin Post and Page Builder by BoldGrid versions = 1.26.6...

CVE-2023-25480

Cross-Site Request Forgery CSRF vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin = 1.24.1 versions...

CVE-2025-69345 WordPress Post and Page Builder by BoldGrid plugin <= 1.27.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post and Page Builder by BoldGrid: from n/a through = 1.27.9...

CVE-2025-69345

CVE-2025-69345 refers to a Missing Authorization vulnerability in the BoldGrid Post and Page Builder (Post and Page Builder by BoldGrid). The issue affects BoldGrid Post and Page Builder plugins for WordPress, specifically versions from n/a through 1.27.9. Wordfence Intelligence details list the ...

CVE-2025-69345 WordPress Post and Page Builder by BoldGrid plugin <= 1.27.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post and Page Builder by BoldGrid: from n/a through = 1.27.9...

EUVD-2025-1899

Malicious code in bioql PyPI...

CVE-2020-36848

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via the env-info.php and restore-info.json files. This makes it possible for unauthenticated attackers to...

CVE-2025-52713 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.8 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Server Side Request Forgery.This issue affects Post and Page Builder by BoldGrid: from n/a through = 1.27.8...

CVE-2025-52711 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.8 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Cross Site Request Forgery.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.8...

WordPress plugin Post and Page Builder by BoldGrid – Visual Drag and Drop Editor 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Post and Page Builder by BoldGrid -...

WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.8 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Post and Page Builder by BoldGrid versions = 1.27.8...

CVE-2025-0859

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the templateviaurl function. This makes it possible for authenticated attackers, with Contributor-level access and above, to re...

CVE-2025-0859

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the templateviaurl function. This makes it possible for authenticated attackers, with Contributor-level access and above, to re...

CVE-2025-0859

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the templateviaurl function. This makes it possible for authenticated attackers, with Contributor-level access and above, to re...

CVE-2025-0859 Post and Page Builder by BoldGrid <= 1.27.6 - Path Traversal to Authenticated (Contributor+) Arbitrary File Read via template_via_url Function

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the templateviaurl function. This makes it possible for authenticated attackers, with Contributor-level access and above, to re...

CVE-2025-0859

CVE-2025-0859 : Post and Page Builder by BoldGrid – Visual Drag and Drop Editor (WordPress) is affected by a Path Traversal in versions up to 1.27.6 via template_via_url(), enabling authenticated users at Contributor level or higher to read arbitrary server files. The vulnerability is documented ...

CVE-2025-22759

CVE-2025-22759 : Stored XSS in BoldGrid Post and Page Builder (Visual Drag and Drop Editor) affecting BoldGrid Post and Page Builder versions up to 1.27.5. Public description notes improper input neutralization during web page generation. Connected sources (Wordfence/Red Hat) indicate the patch s...

CVE-2025-22759 WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Stored XSS.This issue affects Post and Page Builder by BoldGrid: from n/a through = 1.27.5...

WordPress plugin Post and Page Builder by BoldGrid – Visual Drag and Drop Editor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...