11 matches found
CVE-2025-7730
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
EUVD-2025-35733
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-7730
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-7730 Bold Page Builder <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-7730
CVE-2025-7730 - Bold Page Builder (WordPress) Stored XSS : Wordfence reports a stored cross-site scripting vulnerability in Bold Page Builder up to version 5.4.5, exploitable by authenticated users with Contributor+ permissions via the percentage parameter. The flaw arises from insufficient input...
CVE-2025-7730 Bold Page Builder <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
WordPress Bold Page Builder plugin <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via percentage Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Bold Page Builder versions = 5.4.5...
WordPress plugin Bold Page Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
EUVD-2025-32910
Malicious code in v0-runtime npm...
CVE-2025-11404
SourceCodester Hotel and Lodge Management System 1.0 is affected by CVE-2025-11404 due to an SQL injection in the /pages/save_tax.php file, caused by improper handling of the percentage parameter. An attacker can remotely exploit this vulnerability, and public disclosures exist. The vulnerability...
PT-2025-41153
Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A flaw exists in SourceCodester Hotel and Lodge Management System 1.0, specifically within the /pages/save tax.php file. Manipulation of the percentage argument can resul...