boldgrid vulnerabilities and exploits

(subscribe to this query)

The Total Upkeep plugin for WordPress is vulnerable to information disclosure in versions up to, and including 1.14.13. This is due to missing authorization on the heartbeat_received() function that triggers on WordPress heartbeat. This makes it possible for authenticated attacke...

Boldgrid Total Upkeep – Wordpress Backup Plugin Plus Restore & Migrate By Boldgrid Boldgrid Total Upkeep

Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.24.1 versions.

Boldgrid Post And Page Builder By Boldgrid - Visual Drag And Drop Editor

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.16.8 via the 'download' function. This makes it possible for authenticated a...

Boldgrid Total Upkeep – Wordpress Backup Plugin Plus Restore & Migrate By Boldgrid Boldgrid Total Upkeep

W3 Total Cache prior to 0.9.2.5 allows remote malicious users to retrieve password hash information due to insecure storage of database cache files.

Boldgrid W3 Total Cache

The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated malicious users to impersonate W3...

Boldgrid W3 Total Cache

1 Github repository

The W3 Total Cache WordPress plugin prior to 2.1.3 did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue

Boldgrid W3 Total Cache

The W3 Total Cache WordPress plugin prior to 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow...

Boldgrid W3 Total Cache

The W3 Total Cache WordPress plugin prior to 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as t...

Boldgrid W3 Total Cache

Cross-site scripting (XSS) vulnerability in the W3 Total Cache plugin prior to 0.9.4.1 for WordPress, when debug mode is enabled, allows remote malicious users to inject arbitrary web script or HTML via the "Cache key" in the HTML-Comments, as demonstrated by the PATH_I...

Boldgrid W3 Total Cache

The W3 Total Cache plugin prior to 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redire...

Boldgrid W3 Total Cache

1 2 3 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook