cleantalk
Vulnerabilities and Security Researches

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress, CVE-2025-64229

CVE, Research URL

CVE-2025-64229

Home page URL

Security reports for Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Application

Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress

Published on
Oct 29, 2025
Research Description
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.7.
Affected versions
max 20.8.7.
Status
vulnerable
Previous vulnerability researches
Boldermail – Email Marketing and Newsletters for WordPress (CVE-2025-52740) , Nov 11, 2025
New vulnerability
Range Slider AddOn for Gravity Forms (CVE-2025-49905) , Nov 11, 2025
YOP Poll (CVE-2025-62040) , Nov 11, 2025
Insert Headers and Footers Code &#8211; HT Script (CVE-2025-12112) , Nov 11, 2025
Easy Appointments (CVE-2025-49398) , Nov 11, 2025
Keyy Two Factor Authentication (like Clef) (CVE-2025-10293) , Nov 11, 2025