Post And Page Builder By Boldgrid Visual Drag And Drop Editor
by Boldgrid
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22759 | Med | 0.42 | 6.5 | 0.00 | Jan 15, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Stored XSS.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.5. | ||
| CVE-2025-0859 | 0.00 | — | 0.01 | Feb 6, 2025 | The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level… | |||
| CVE-2024-6848 | 0.00 | — | 0.00 | Jul 20, 2024 | The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 1.26.6 due to insufficient input sanitization and output escaping affecting the… | |||
| CVE-2023-25480 | 0.00 | — | 0.00 | Oct 6, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions. |
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Stored XSS.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.5.
- CVE-2025-0859Feb 6, 2025risk 0.00cvss —epss 0.01
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level…
- CVE-2024-6848Jul 20, 2024risk 0.00cvss —epss 0.00
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 1.26.6 due to insufficient input sanitization and output escaping affecting the…
- CVE-2023-25480Oct 6, 2023risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions.