What the vulnerability does
01Description
Path Traversal: '.../...//' vulnerability in BoldGrid Post and Page Builder by BoldGrid post-and-page-builder allows Path Traversal.This issue affects Post and Page Builder by BoldGrid: from n/a through <= 1.27.8.
Explanation of Vulnerability in Simple Terms
02Summary
Post and Page Builder by BoldGrid versions up to 1.27.8 contain a vulnerability allowing authenticated users with low privileges to read sensitive information and modify data. The vulnerability requires network access and high attack complexity. No availability impact occurs. Update to a version newer than 1.27.8 to remediate.
What an attacker can do
03Attacker Capabilities
Read sensitive information and modify data within the application scope.
Potential impact on your site
04Site Impact
Authenticated users can access and modify content they shouldn't have permission to view or edit.
Conditions required to exploit
05Prerequisites
Attacker must be authenticated with low-level user privileges; no user interaction required.
Key dates
06Disclosure timeline
August 14, 2025
CVE published
April 28, 2026
Record updated