Lucene search
K
BoldgridPost And Page Builder

5 matches found

CVE
CVE
added 2024/03/26 5:41 a.m.79 views

CVE-2024-2888

CVE-2024-2888 is a Stored XSS vulnerability in BoldGrid Post and Page Builder – Visual Drag and Drop Editor for WordPress. The description (shared across sources) states improper input neutralization during web page generation, enabling stored XSS. Affected range is shown as requiring patching up...

6.5CVSS8.6AI score0.00336EPSS
CVE
CVE
added 2025/02/06 9:21 a.m.75 views

CVE-2025-0859

CVE-2025-0859 : Post and Page Builder by BoldGrid – Visual Drag and Drop Editor (WordPress) is affected by a Path Traversal in versions up to 1.27.6 via template_via_url(), enabling authenticated users at Contributor level or higher to read arbitrary server files. The vulnerability is documented ...

6.5CVSS6.2AI score0.0065EPSS
CVE
CVE
added 2024/07/20 11:18 a.m.72 views

CVE-2024-6848

CVE-2024-6848 affects the WordPress plugin “Post and Page Builder by BoldGrid – Visual Drag and Drop Editor” up to version 1.26.6. The issue is Stored Cross-Site Scripting via file uploads, caused by insufficient input sanitization and output escaping on the boldgrid_canvas_image AJAX endpoint. A...

6.4CVSS5.7AI score0.00466EPSS
CVE
CVE
added 2023/10/06 12:41 p.m.68 views

CVE-2023-25480

CVE-2023-25480 describes a Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor for WordPress. The issue affects versions = 1.24.2. Reported impact categories in the sources include potential unauthorized actions performed on ...

8.8CVSS6.5AI score0.00214EPSS
CVE
CVE
added 2024/05/16 11:5 a.m.60 views

CVE-2024-4400

CVE-2024-4400 affects the WordPress plugin “Post and Page Builder by BoldGrid – Visual Drag and Drop Editor.” The vulnerability is a Stored Cross‑Site Scripting (XSS) flaw caused by insufficient input sanitization and output escaping in versions up to and including 1.26.4. Authentication is requi...

6.4CVSS7.7AI score0.00263EPSS