Post And Page Builder Security Vulnerabilities and Issues — Post And Page Builder CVE List

Lucene search

BoldgridPost And Page Builder

5 matches found

CVE•added 2024/03/26 6:15 a.m.•63 views

CVE-2024-2888

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.26....

6.5CVSS6.7AI score0.0012EPSS

CVE•added 2025/02/06 10:15 a.m.•53 views

CVE-2025-0859

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to ...

6.5CVSS6.2AI score0.00088EPSS

CVE•added 2024/07/20 12:15 p.m.•51 views

CVE-2024-6848

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 1.26.6 due to insufficient input sanitization and output escaping affecting the boldgrid_canvas_image AJAX end...

6.4CVSS5.7AI score0.00119EPSS

CVE•added 2023/10/06 1:15 p.m.•45 views

CVE-2023-25480

Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin

8.8CVSS6.5AI score0.0007EPSS

CVE•added 2024/05/16 11:15 a.m.•45 views

CVE-2024-4400

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plguin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.26.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

6.4CVSS7.7AI score0.0017EPSS