CVE-2025-22759 Information

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.4.

Reference

https://patchstack.com/database/wordpress/plugin/post-and-page-builder/vulnerability/wordpress-post-and-page-builder-by-boldgrid-visual-drag-and-drop-editor-plugin-1-27-4-cross-site-scripting-xss-vulnerability?_s_id=cve