Description
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Published: 2025-02-06
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Read of Server Files
Action: Apply Patch
AI Analysis

Impact

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress contains a Path Traversal flaw in all versions up to and including 1.27.6. The flaw is triggered by the template_via_url() function, allowing an authenticated attacker with at least Contributor-level access to read the contents of arbitrary files located on the server. The vulnerability is a classic directory traversal issue (CWE‑22) and can expose sensitive configuration, credentials or other critical files if the file paths are not properly validated.

Affected Systems

WordPress sites running the BoldGrid Post and Page Builder plugin, specifically version 1.27.6 or any earlier release. The vulnerability impacts users who have contributed privileges or higher within WordPress, and the affected product is listed under the BoldGrid vendor on the WordPress plugin repository.

Risk and Exploitability

The CVSS score of 6.5 indicates a moderate risk, while the EPSS score indicates a very low probability of exploitation (<1 %). The vulnerability is not listed in the CISA KEV catalog. An attacker would need valid contributor credentials and would exploit the path traversal via the template_via_url function to read unintended files. The attack vector is therefore authenticated, and the user must have at least Contributor privileges to exploit the flaw.

Generated by OpenCVE AI on April 28, 2026 at 12:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Post and Page Builder plugin to version 1.27.7 or later, which resolves the path traversal issue.
  • Restrict Contributor‑level access to trusted users and review roles to reduce the risk of an attacker gaining the necessary permissions.
  • Enable or review file‑access audit logs on the web server to detect unauthorized reads of sensitive files.

Generated by OpenCVE AI on April 28, 2026 at 12:04 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-1899 The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
History

Wed, 19 Mar 2025 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Boldgrid
Boldgrid post And Page Builder
CPEs cpe:2.3:a:boldgrid:post_and_page_builder:*:*:*:*:*:wordpress:*:*
Vendors & Products Boldgrid
Boldgrid post And Page Builder

Thu, 06 Feb 2025 09:30:00 +0000

Type Values Removed Values Added
Description The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Title Post and Page Builder by BoldGrid <= 1.27.6 - Path Traversal to Authenticated (Contributor+) Arbitrary File Read via template_via_url Function
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Boldgrid Post And Page Builder
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:36:12.200Z

Reserved: 2025-01-29T21:10:39.430Z

Link: CVE-2025-0859

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2025-02-06T10:15:08.340

Modified: 2025-03-19T20:35:32.317

Link: CVE-2025-0859

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T12:15:30Z

Weaknesses