CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

RedhatCVE•added 2026/01/09 9:27 a.m.•3 views

CVE-2023-45110

Missing Authorization vulnerability in boldthemes Bold Timeline Lite bold-timeline-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Timeline Lite: from n/a through = 1.1.9...

4.3CVSS7.3AI score0.00134EPSS

Exploits0References1

Patchstack•added 2025/12/31 12:0 a.m.•3 views

WordPress Bold Timeline Lite plugin <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'title' Parameter in 'boldtimelinegroup' Shortcode vulnerability discovered by zaim in WordPress Plugin Bold Timeline Lite versions = 1.2.7...

6.4CVSS5.9AI score0.00041EPSS

Exploits0References1Affected Software1

CNVD•added 2025/12/30 12:0 a.m.•3 views

WordPress Bold Timeline Lite plugin cross-site scripting vulnerability

WordPress Bold Timeline Lite plugin is a free plugin designed for creating dynamic timeline content on WordPress websites. The WordPress Bold Timeline Lite plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

5.4CVSS6.1AI score0.00029EPSS

Exploits0References1

Patchstack•added 2025/12/27 12:2 a.m.•2 views

WordPress Bold Timeline Lite plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Bold Timeline Lite versions = 1.2.7...

5.4CVSS5.8AI score0.00029EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/12/25 1:23 p.m.•0 views

CVE-2025-68513

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Timeline Lite bold-timeline-lite allows Stored XSS.This issue affects Bold Timeline Lite: from n/a through = 1.2.7...

6.5CVSS6AI score0.00029EPSS

Exploits0References1

EUVD•added 2025/12/24 3:30 p.m.•1 views

EUVD-2025-205203

5.4CVSS5.5AI score0.00029EPSS

Exploits0References2

NVD•added 2025/12/24 1:16 p.m.•1 views

CVE-2025-68513

6.5CVSS0.00029EPSS

Exploits0References1

Cvelist•added 2025/12/24 12:31 p.m.•25 views

CVE-2025-68513 WordPress Bold Timeline Lite plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00029EPSS

Exploits0References1

CVE•added 2025/12/24 12:31 p.m.•3 views

CVE-2025-68513

The CVE-2025-68513 entry concerns the WordPress Bold Timeline Lite plugin (bold-timeline-lite). Affected versions are up to 1.2.7, with a Stored Cross‑Site Scripting (XSS) flaw caused by improper neutralization/escaping of user-supplied data during web page generation. Exploitation is described a...

6.5CVSS5.6AI score0.00029EPSS

Exploits0References1

Vulnrichment•added 2025/12/24 12:31 p.m.•1 views

CVE-2025-68513 WordPress Bold Timeline Lite plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.6AI score0.00029EPSS

Exploits0References1

CNNVD•added 2025/12/24 12:0 a.m.•1 views

WordPress plugin Bold Timeline Lite 安全漏洞

6.5CVSS5.8AI score0.00029EPSS

Exploits0References1

Positive Technologies•added 2025/12/24 12:0 a.m.•1 views

PT-2025-53084

Name of the Vulnerable Software and Affected Versions Bold Timeline Lite versions through 1.2.7 Description The Bold Timeline Lite plugin contains a flaw due to improper neutralization of input during web page generation, leading to a Stored Cross-site Scripting XSS condition. This allows an...

5.4CVSS6.1AI score0.00029EPSS

Exploits0References4

RedhatCVE•added 2025/12/13 3:59 a.m.•2 views

CVE-2025-14032

The Bold Timeline Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in the 'boldtimelinegroup' shortcode in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.1AI score0.00041EPSS

Exploits0References1

EUVD•added 2025/12/12 6:31 a.m.•1 views

EUVD-2025-202986

6.4CVSS4.7AI score0.00041EPSS

Exploits0References5

NVD•added 2025/12/12 4:15 a.m.•2 views

CVE-2025-14032

6.4CVSS0.00041EPSS

Exploits0References5

Vulnrichment•added 2025/12/12 3:20 a.m.•1 views

CVE-2025-14032 Bold Timeline Lite <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode

6.4CVSS4.8AI score0.00041EPSS

Exploits0References5

Cvelist•added 2025/12/12 3:20 a.m.•23 views

CVE-2025-14032 Bold Timeline Lite <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Parameter in 'bold_timeline_group' Shortcode

6.4CVSS0.00041EPSS

Exploits0References5

CVE•added 2025/12/12 3:20 a.m.•11 views

CVE-2025-14032

CVE-2025-14032 affects Bold Timeline Lite (WordPress) up to version 1.2.7, exposing a Stored Cross‑Site Scripting (Stored XSS) via the title parameter in the bold_timeline_group shortcode. The issue stems from insufficient input sanitization and output escaping, enabling authenticated attackers w...

6.4CVSS4.8AI score0.00041EPSS

Exploits0References5

CNNVD•added 2025/12/12 12:0 a.m.•1 views

WordPress plugin Bold Timeline Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...

6.4CVSS5.8AI score0.00041EPSS

Exploits0References4

Positive Technologies•added 2025/12/12 12:0 a.m.•2 views

PT-2025-50844

The Bold Timeline Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in the 'bold timeline group' shortcode in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

6.4CVSS5.1AI score0.00041EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by