Boldgrid Client Invoicing By Sprout Invoices vulnerabilities
7 known vulnerabilities affecting boldgrid/client_invoicing_by_sprout_invoices.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2025-64227P2CRITICALCVSS 9.8≤ 20.8.72025-12-18
CVE-2025-64227 [CRITICAL] CWE-502 CVE-2025-64227: Deserialization of Untrusted Data vulnerability in BoldGrid Client Invoicing by Sprout Invoices spro
Deserialization of Untrusted Data vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Object Injection.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.7.
nvd
CVE-2026-32401P3HIGHCVSS 7.2≤ 20.8.92026-03-13
CVE-2026-32401 [HIGH] CWE-98 CVE-2026-32401: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows PHP Local File Inclusion.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.9.
nvd
CVE-2025-24606P4MEDIUMCVSS 6.4≤ 20.8.12025-01-27
CVE-2025-24606 [MEDIUM] CWE-862 CVE-2025-24606: Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.1.
nvd
CVE-2026-39562P4MEDIUMCVSS 5.3≤ 20.8.102026-04-08
CVE-2026-39562 [MEDIUM] CWE-862 CVE-2026-39562: Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.10.
nvd
CVE-2026-25364P4MEDIUMCVSS 5.3≤ 20.8.82026-02-19
CVE-2026-25364 [MEDIUM] CWE-862 CVE-2026-25364: Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.8.
nvd
CVE-2024-53819P4MEDIUMCVSS 5.3≤ 20.8.02024-12-09
CVE-2024-53819 [MEDIUM] CWE-862 CVE-2024-53819: Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.0.
nvd
CVE-2025-64229P4MEDIUMCVSS 4.3≤ 20.8.72025-10-29
CVE-2025-64229 [MEDIUM] CWE-862 CVE-2025-64229: Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.7.
nvd