Vulnerabilities > Bold Themes > Bold Page Builder > 4.7.1

DATE CVE VULNERABILITY TITLE RISK
2024-04-09 CVE-2024-3266 Cross-site Scripting vulnerability in Bold-Themes Bold Page Builder
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attribute of widgets in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
bold-themes CWE-79
5.4
2024-04-09 CVE-2024-3267 Cross-site Scripting vulnerability in Bold-Themes Bold Page Builder
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_price_list shortcode in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
bold-themes CWE-79
5.4
2024-03-29 CVE-2024-30442 Unspecified vulnerability in Bold-Themes Bold Page Builder
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.8.0.
network
low complexity
bold-themes
5.4
2024-03-27 CVE-2024-30179 Unspecified vulnerability in Bold-Themes Bold Page Builder
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.7.6.
network
low complexity
bold-themes
5.4
2024-02-13 CVE-2024-1159 Cross-site Scripting vulnerability in Bold-Themes Bold Page Builder
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.8.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
bold-themes CWE-79
5.4