Vulnerabilities > Bold Themes

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-01	CVE-2021-24320	Unspecified vulnerability in Bold-Themes Bello The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise and escape its listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value, bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameter in ints listing page, leading to reflected Cross-Site Scripting issues. network low complexity bold-themes	6.1
2021-06-01	CVE-2021-24321	Unspecified vulnerability in Bold-Themes Bello The Bello - Directory & Listing WordPress theme before 1.6.0 did not sanitise the bt_bb_listing_field_price_range_to, bt_bb_listing_field_now_open, bt_bb_listing_field_my_lng, listing_list_view and bt_bb_listing_field_my_lat parameters before using them in a SQL statement, leading to SQL Injection issues network low complexity bold-themes critical	9.8
2019-08-30	CVE-2019-15821	Unspecified vulnerability in Bold-Themes Bold Page Builder The bold-page-builder plugin before 2.3.2 for WordPress has no protection against modifying settings and importing data. network low complexity bold-themes	7.5

Vulnerabilities > Bold Themes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bold Themes"}]}