Known Vulnerabilities for products from Bold-themes
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Bold-themes".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-54382 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in boldthemes Bold Page Builder ... | Not Provided | 2024-12-16 | 2026-04-23 |
| CVE-2024-53801 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Bu... | Not Provided | 2024-12-06 | 2026-04-23 |
| CVE-2024-50417 json | Missing Authorization vulnerability in boldthemes Bold Page Builder bold-page-builder allows Exploiting Incorrectly Configure... | Not Provided | 2024-11-19 | 2026-04-23 |
| CVE-2024-47391 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Bu... | Not Provided | 2024-10-05 | 2026-04-23 |
| CVE-2024-47298 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Bu... | Not Provided | 2024-10-06 | 2026-04-23 |
| CVE-2024-3267 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_price_list sho... | Not Provided | 2024-04-09 | 2026-04-08 |
| CVE-2024-3266 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attribute of widgets in a... | Not Provided | 2024-04-09 | 2026-04-08 |
| CVE-2024-2736 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tags in all versions up to, ... | Not Provided | 2024-04-10 | 2026-04-08 |
| CVE-2024-2735 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Price List' element in all v... | Not Provided | 2024-04-10 | 2026-04-08 |
| CVE-2024-2734 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's AI features all vers... | Not Provided | 2024-04-10 | 2026-04-08 |
| CVE-2024-2733 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "Separator" element ... | Not Provided | 2024-04-10 | 2026-04-08 |
| CVE-2024-1160 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Link in all ver... | Not Provided | 2024-02-13 | 2026-04-08 |
| CVE-2024-1159 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all ... | Not Provided | 2024-02-13 | 2026-04-08 |
| CVE-2024-1157 json | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button URL in all ve... | Not Provided | 2024-02-13 | 2026-04-08 |
| CVE-2022-4828 json | The Bold Timeline Lite WordPress plugin before 1.1.5 does not validate and escape some of its shortcode attributes before out... | 5.4 - MEDIUM | 2023-01-30 | 2023-11-07 |
| CVE-2022-2089 json | The Bold Page Builder WordPress plugin before 4.3.3 does not sanitise and escape some of its settings, which could allow high... | 4.8 - MEDIUM | 2022-07-11 | 2022-07-15 |
| CVE-2021-24820 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-02-28 | 2022-03-07 |
| CVE-2021-24579 json | The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user input into the unserialize(... | 8.8 - HIGH | 2021-08-30 | 2021-09-02 |
| CVE-2021-24321 json | The Bello - Directory & Listing WordPress theme before 1.6.0 did not sanitise the bt_bb_listing_field_price_range_to, bt_bb_l... | 9.8 - CRITICAL | 2021-06-01 | 2021-08-12 |
| CVE-2021-24320 json | The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise and escape its listing_list_view, bt_b... | 6.1 - MEDIUM | 2021-06-01 | 2021-08-12 |
Known software with vulnerabilities from Bold-themes
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Bold-themes | Bold Page Builder | - |