Vulnerabilidades em boldgrid
44 resultadosCVE-2024-12008MEDIUMW3 Total Cache <= 2.8.1 Information Exposure via Log FilesEPSS 2.2%CVE-2021-24452—W3 Total Cache < 2.1.5 - Reflected XSS in Extensions Page (JS Context)EPSS 2.0%CVE-2021-24436—W3 Total Cache < 2.1.4 - Reflected XSS in Extensions Page (Attribute Context)EPSS 1.9%CVE-2024-12365HIGHW3 Total Cache <= 2.8.1 - Authenticated (Subscriber+) Missing Authorization to Server-Side Request ForgeryEPSS 1.7%CVE-2020-36848HIGHTotal Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup DownloadEPSS 1.1%CVE-2024-9461HIGHTotal Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup SettingsEPSS 1.0%CVE-2026-5032HIGHW3 Total Cache <= 2.9.3 - Unauthenticated Security Token Exposure via User-Agent HeaderEPSS 1.0%CVE-2023-5359LOWW3 Total Cache <= 2.7.5 - Sensitive Credentials Stored in PlaintextEPSS 0.8%CVE-2025-2257HIGHTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command InjectionEPSS 0.7%CVE-2024-24869HIGHWordPress Total Upkeep plugin <= 1.15.8 - Arbitrary File Download vulnerabilityEPSS 0.7%CVE-2025-0859MEDIUMPost and Page Builder by BoldGrid <= 1.27.6 - Path Traversal to Authenticated (Contributor+) Arbitrary File Read via template_via_url FunctionEPSS 0.6%CVE-2021-24427—W3 Total Cache < 2.1.3 - Authenticated Stored XSSEPSS 0.6%CVE-2024-0386HIGHweForms <= 1.6.21 - Unauthenticated Stored Cross-Site Scripting via RefererEPSS 0.6%CVE-2022-4932MEDIUMTotal Upkeep <= 1.14.13 - Missing Authorization to Authenticated (Subscriber+) Information DisclosureEPSS 0.6%CVE-2024-2950MEDIUMBoldGrid Easy SEO – Simple and Effective SEO <= 1.6.14 - Information ExposureEPSS 0.5%CVE-2024-12006MEDIUMW3 Total Cache <= 2.8.1 Missing Authorization to Unauthenticated Plugin Deactivation and Extensions Activation/DeactivationEPSS 0.5%CVE-2024-53819MEDIUMWordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.5%CVE-2024-6848MEDIUMPost and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.26.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via File UploadEPSS 0.4%CVE-2024-13907MEDIUMTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request ForgeryEPSS 0.4%CVE-2026-32401HIGHWordPress Client Invoicing by Sprout Invoices plugin <= 20.8.9 - Local File Inclusion vulnerabilityEPSS 0.4%