{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-52712", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-06-19T10:02:14.559Z", "datePublished": "2025-08-14T10:34:04.649Z", "dateUpdated": "2026-04-01T15:56:08.778Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "post-and-page-builder", "product": "Post and Page Builder by BoldGrid", "vendor": "BoldGrid", "versions": [{"changes": [{"at": "1.27.9", "status": "unaffected"}], "lessThanOrEqual": "1.27.8", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:41:31.763Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Path Traversal: '.../...//' vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Path Traversal.<p>This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.8.</p>"}], "value": "Path Traversal: '.../...//' vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Path Traversal.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.8."}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "Path Traversal"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-35", "description": "Path Traversal: '.../...//'", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T15:56:08.778Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/post-and-page-builder/vulnerability/wordpress-post-and-page-builder-by-boldgrid-visual-drag-and-drop-editor-1-27-8-path-traversal-vulnerability?_s_id=cve"}], "title": "WordPress Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor <= 1.27.8 - Path Traversal Vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-14T15:54:45.450265Z", "id": "CVE-2025-52712", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-14T15:54:57.992Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-52712", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-14T15:54:45.450265Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-14T15:54:51.593Z"}}], "cna": {"title": "WordPress Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor <= 1.27.8 - Path Traversal Vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) (Patchstack Alliance)"}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "BoldGrid", "product": "Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor", "versions": [{"status": "affected", "changes": [{"at": "1.27.9", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "1.27.8"}], "packageName": "post-and-page-builder", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update the WordPress Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor plugin to the latest available version (at least 1.27.9).", "supportingMedia": [{"type": "text/html", "value": "Update the WordPress Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor plugin to the latest available version (at least 1.27.9).", "base64": false}]}], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/post-and-page-builder/vulnerability/wordpress-post-and-page-builder-by-boldgrid-visual-drag-and-drop-editor-1-27-8-path-traversal-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Path Traversal vulnerability in BoldGrid Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor allows Path Traversal. This issue affects Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor: from n/a through 1.27.8.", "supportingMedia": [{"type": "text/html", "value": "<p>Path Traversal vulnerability in BoldGrid Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor allows Path Traversal.</p><p>This issue affects Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor: from n/a through 1.27.8.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-35", "description": "CWE-35 Path Traversal"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2025-08-14T10:34:04.649Z"}}}, "cveMetadata": {"cveId": "CVE-2025-52712", "state": "PUBLISHED", "dateUpdated": "2025-08-14T15:54:57.992Z", "dateReserved": "2025-06-19T10:02:14.559Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2025-08-14T10:34:04.649Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Path Traversal: '.../...//' vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Path Traversal.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.8."}, {"lang": "es", "value": "Vulnerabilidad de Path Traversal en BoldGrid Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor permite el Path Traversal. Este problema afecta a Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Editor desde n/d hasta la versi\u00f3n 1.27.8."}], "id": "CVE-2025-52712", "lastModified": "2026-04-01T17:25:36.393", "metrics": {}, "published": "2025-08-14T11:15:41.613", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/post-and-page-builder/vulnerability/wordpress-post-and-page-builder-by-boldgrid-visual-drag-and-drop-editor-1-27-8-path-traversal-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-35"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"created": "2025-08-14T12:50:45.724118+00:00", "updated": "2025-08-14T12:50:45.724168+00:00", "vendors": ["boldgrid", "boldgrid$PRODUCT$post_and_page_builder_by_boldgrid_-_visual_drag_and_drop_editor", "wordpress", "wordpress$PRODUCT$wordpress"]}