Sprout Clients – CRM and Lead Management

Vulnerabilities 8Slug sprout-clientsLatest version 3.2.3WordPress.org →

Minimum safe version

3.2.3

Update to 3.2.3 or later to address 7 fixable vulnerabilities

Latest available3.2.3 ✓⚠ 1 vulnerability has no fix

Medium 6.5

2026-03-13< 3.2.3

CVE-2026-32424

High 7.1

2025-12-18< 3.2.2

CVE-2025-66118

Medium 6.5

2025-04-01< 3.2.1

CVE-2025-31797

N/A Unfixed

2023-07-18≤ 3.2

WordPress Sprout Clients – CRM and Lead Management Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS)

N/A

2019-02-25< 3.2

Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update

N/A

< 3.2

Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update

N/A

2022-02-28< 3.2

WordPress Sprout Clients – CRM and Lead Management plugin <= 3.1 - Sensitive Information Disclosure vulnerability

N/A

2022-02-28< 3.2

WordPress Sprout Clients – CRM and Lead Management plugin <= 3.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability