62 matches found
PT-2025-44258
Name of the Vulnerable Software and Affected Versions BoldGrid Client Invoicing by Sprout Invoices versions through 20.8.7 Description An issue exists in Client Invoicing by Sprout Invoices related to incorrectly configured access control security levels, potentially allowing unauthorized access...
EUVD-2021-11699
Malware in sbrugna...
EUVD-2025-3810
Malicious code in bioql PyPI...
EUVD-2024-52151
Malicious code in bioql PyPI...
CVE-2025-24606
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.1...
CVE-2024-53819
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.0...
CVE-2025-24606
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.1...
CVE-2025-24606
CVE-2025-24606: Missing Authorization in WordPress plugin Client Invoicing by Sprout Invoices (Sprout Invoices) — Broken Access Control allowing unauthorized access/privilege escalation in Client Invoicing by Sprout Invoices
CVE-2025-24606 WordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.1...
WordPress plugin Client Invoicing by Sprout Invoices 安全漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...
PT-2025-5442 · Sprout Invoices · Client Invoicing
Name of the Vulnerable Software and Affected Versions: Client Invoicing by Sprout Invoices versions prior to 20.8.1 Description: The issue is related to a lack of authorization in Client Invoicing by Sprout Invoices, allowing the exploitation of incorrectly configured access control security...
WordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Client Invoicing by Sprout Invoices versions = 20.8.1...
CVE-2024-53819
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through = 20.8.0...
CVE-2024-53819
CVE-2024-53819: Missing Authorization (IDOR) vulnerability in WordPress plugin Sprout Invoices – Client Invoicing by Sprout Invoices, affected versions up to 20.8.0. Root cause: insecure direct object references due to missing authorization. Impact: unauthorized access to client invoicing data as...
PT-2024-35934 · Sprout Invoices · Sprout Invoices Client Invoicing
Name of the Vulnerable Software and Affected Versions: Sprout Invoices Client Invoicing by Sprout Invoices versions through 20.8.0 Description: The issue is related to a Missing Authorization vulnerability. This allows for unauthorized access. Recommendations: For versions through 20.8.0, update ...
WordPress plugin Client Invoicing by Sprout Invoices 安全漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...
WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Client Invoicing by Sprout Invoices versions = 20.8.0...
WordPress Client Invoicing by Sprout Invoices Plugin <= 20.5.3 is vulnerable to Sensitive Data Exposure
Software Client Invoicing by Sprout Invoices Type Plugin Vulnerable versions = 20.5.3 Fixed in 20.5.4 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 18a5d45d6ab3 Credits Unknown Requir...
CVE-2021-24787
The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
Cross site scripting
The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...