cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forpost-and-page-builder post-and-page-builder

Direction: descending
Jun 23, 2025

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor # CVE-2025-52713

CVE, Research URL

CVE-2025-52713

Home page URL

Security reports for Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Date
Jun 20, 2025
Research Description
Server-Side Request Forgery (SSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Server Side Request Forgery. This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.8.
Affected versions
Min -, max -.
Status
vulnerable

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor # CVE-2025-52711

CVE, Research URL

CVE-2025-52711

Home page URL

Security reports for Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Date
Jun 20, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Cross Site Request Forgery. This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.8.
Affected versions
Min -, max -.
Status
vulnerable
Feb 12, 2025

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor # CVE-2025-0859

CVE, Research URL

CVE-2025-0859

Home page URL

Security reports for Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Date
Feb 06, 2025
Research Description
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Affected versions
Min -, max -.
Status
vulnerable
Jan 17, 2025

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor # CVE-2025-22759

CVE, Research URL

CVE-2025-22759

Home page URL

Security reports for Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Date
Jan 15, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.4.
Affected versions
Min -, max -.
Status
vulnerable
Jul 21, 2024

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor # CVE-2024-6848

CVE, Research URL

CVE-2024-6848

Home page URL

Security reports for Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Date
Jul 20, 2024
Research Description
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 1.26.6 due to insufficient input sanitization and output escaping affecting the boldgrid_canvas_image AJAX endpoint. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Affected versions
Min -, max -.
Status
vulnerable
Jun 07, 2024

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor # CVE-2024-4400

CVE, Research URL

CVE-2024-4400

Home page URL

Security reports for Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Date
May 16, 2024
Research Description
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plguin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.26.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
Min -, max -.
Status
vulnerable

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor # CVE-2023-25480

CVE, Research URL

CVE-2023-25480

Home page URL

Security reports for Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Date
Oct 06, 2023
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions.
Affected versions
Min -, max -.
Status
vulnerable

Post and Page Builder by BoldGrid &#8211; Visual Drag and Drop Editor # CVE-2024-2888

CVE, Research URL

CVE-2024-2888

Home page URL

Security reports for Post and Page Builder by BoldGrid &#8211; Visual Drag and Drop Editor

Application

Post and Page Builder by BoldGrid &#8211; Visual Drag and Drop Editor

Date
Mar 26, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.26.2.
Affected versions
Min -, max -.
Status
vulnerable