BoldGrid Client Invoicing by Sprout Invoices: Unauthorized Access to Invoices

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

BoldGrid Client Invoicing by Sprout Invoices: Unauthorized Access to Invoices

CVE-2026-39562

Summary

A security issue exists in BoldGrid Client Invoicing by Sprout Invoices. If access controls are not set up correctly, an attacker may be able to view or manipulate sensitive client invoices. Update to version 20.8.11 or later to fix this issue.

Original title

Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client...

Original description

Vulnerability type

CWE-862 Missing Authorization

https://patchstack.com/database/Wordpress/Plugin/sprout-invoices/vulnerability/w...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026