Bold Page Builder Security Vulnerabilities and Issues — Bold Page Builder CVE List

Lucene search

Bold-themesBold Page Builder

13 matches found

CVE•added 2024/03/29 6:15 p.m.•64 views

CVE-2024-30442

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.8.0.

6.5CVSS6.4AI score0.00046EPSS

CVE•added 2024/03/27 12:15 p.m.•49 views

CVE-2024-30179

6.5CVSS6.7AI score0.00138EPSS

CVE•added 2024/04/10 5:15 a.m.•47 views

CVE-2024-2734

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's AI features all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, w...

6.4CVSS5.7AI score0.00144EPSS

CVE•added 2024/04/09 7:15 p.m.•47 views

CVE-2024-3266

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attribute of widgets in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attac...

6.4CVSS7.6AI score0.00135EPSS

CVE•added 2024/04/10 5:15 a.m.•45 views

CVE-2024-2735

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Price List' element in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

6.4CVSS5.7AI score0.00188EPSS

CVE•added 2024/02/13 10:15 a.m.•43 views

CVE-2024-1159

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...

6.4CVSS6AI score0.00107EPSS

CVE•added 2024/12/06 2:15 p.m.•43 views

CVE-2024-53801

6.5CVSS6.5AI score0.00029EPSS

CVE•added 2024/04/09 7:15 p.m.•38 views

CVE-2024-3267

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_price_list shortcode in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenti...

6.4CVSS7.6AI score0.00144EPSS

CVE•added 2024/10/06 12:15 p.m.•38 views

CVE-2024-47298

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.1.1.

6.5CVSS6.7AI score0.00047EPSS

CVE•added 2024/10/05 3:15 p.m.•35 views

CVE-2024-47391

6.5CVSS6.7AI score0.00055EPSS

CVE•added 2024/07/30 7:15 a.m.•34 views

CVE-2024-7100

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_button shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.7AI score0.00028EPSS

CVE•added 2024/04/10 5:15 a.m.•33 views

CVE-2024-2736

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tags in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contribu...

6.4CVSS5.7AI score0.00157EPSS

CVE•added 2023/12/15 4:15 p.m.•32 views

CVE-2023-49823

6.5CVSS6AI score0.00155EPSS