cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forsprout-invoices sprout-invoices

Direction: ascending
Jun 07, 2024

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress # CVE-2021-24787

CVE, Research URL

CVE-2021-24787

Home page URL

Security reports for Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Application

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Date
Nov 17, 2021
Research Description
The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Affected versions
max 20.5.4.
Status
vulnerable
Dec 11, 2024

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress # CVE-2024-53819

CVE, Research URL

CVE-2024-53819

Home page URL

Security reports for Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Application

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Date
Dec 09, 2024
Research Description
Missing Authorization vulnerability in Sprout Invoices Client Invoicing by Sprout Invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through 20.8.0.
Affected versions
max 20.8.0.
Status
vulnerable
Jan 29, 2025

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress # CVE-2025-24606

CVE, Research URL

CVE-2025-24606

Home page URL

Security reports for Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Application

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Date
Jan 27, 2025
Research Description
Missing Authorization vulnerability in Sprout Invoices Client Invoicing by Sprout Invoices allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Client Invoicing by Sprout Invoices: from n/a through 20.8.1.
Affected versions
max 20.8.2.
Status
vulnerable
Nov 11, 2025

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress # CVE-2025-64229

CVE, Research URL

CVE-2025-64229

Home page URL

Security reports for Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Application

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Date
Oct 29, 2025
Research Description
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.7.
Affected versions
max 20.8.7.
Status
vulnerable