WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting

WordPress Bello Directory & Listing theme before 1.6.0 contains a reflected cross-site scripting vulnerability. It does not properly sanitize and escape the listinglistview, btbblistingfieldmylat, btbblistingfieldmylng, btbblistingfielddistancevalue, btbblistingfieldmylatdefault,...

CVE-2026-25451

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through = 5.6.4...

CVE-2024-50417

Missing Authorization vulnerability in BoldThemes Bold Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through 5.1.3...

CVE-2024-30442

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.8.0...

CVE-2024-30179

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.7.6...