CVE-2025-22759

Medium CVSS: 5.4

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Stored XSS.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.5.

Vendor

Boldgrid

Product

Post And Page Builder By Boldgrid - Visual Drag And Drop Editor

CWE

CWE-79

Yayın Tarihi

2025-01-15 16:15:38

Güncelleme

2026-04-01 16:22:40

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-79 Post And Page Builder By Boldgrid - Visual Drag And Drop Editor MEDIUM Boldgrid 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/post-and-page-builder/vulnerability/wordpress-post-and-page-builder-by-boldgrid-visual-drag-and-drop-editor-plugin-1-27-4-cross-site-scripting-xss-vulnerability?_s_id=cve

Benzer Kayıtlar

High

CVE-2020-36848

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sens…

High

CVE-2025-2257

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remo…

Medium

CVE-2024-13907

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Serv…

Medium

CVE-2025-0859

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal…

High

CVE-2024-12365

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check o…

Medium

CVE-2024-12006

The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability c…