CVE-2025-0859 | BoldGrid Post and Page Builder Plugin up to 1.27.6 on WordPress template_via_url path traversal

Inserito da Angelo Barbosa | Feb 6, 2025 | CVE

A vulnerability, which was classified as critical, has been found in BoldGrid Post and Page Builder Plugin up to 1.27.6 on WordPress. Affected by this issue is the function template_via_url. The manipulation leads to path traversal.

This vulnerability is handled as CVE-2025-0859. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-0859 | BoldGrid Post and Page Builder Plugin up to 1.27.6 on WordPress template_via_url path traversal

Post correlati

CVE-2024-1938 | Google Chrome prior 122.0.6261.94 V8 type confusion (Issue 324596)

CVE-2024-47082 | strawberry graphql up to 0.242.x Multipart File Upload cross-site request forgery (GHSA-79gp-q4wv-33fr)

CVE-2024-6179 | LG Electronics SuperSign CMS up to 4.3.0 cross site scripting

CVE-2024-12379 | GitLab Community Edition/Enterprise Edition up to 17.6.4/17.7.3/17.8.1 Personal Access Token scopes allocation of resources (Issue 508559)