Bold-themes

Bold Page Builder

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2024-54382

  • EPSS 0.58%
  • Veröffentlicht 16.12.2024 15:15:12
  • Zuletzt bearbeitet 07.01.2025 18:00:04

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in BoldThemes Bold Page Builder allows Path Traversal.This issue affects Bold Page Builder: from n/a through 5.1.5.

5.4

CVE-2024-53801

  • EPSS 0.13%
  • Veröffentlicht 06.12.2024 14:15:22
  • Zuletzt bearbeitet 08.01.2025 16:20:07

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.2.1.

8.8

CVE-2024-50417

  • EPSS 0.33%
  • Veröffentlicht 19.11.2024 17:15:10
  • Zuletzt bearbeitet 08.01.2025 16:20:13

Missing Authorization vulnerability in BoldThemes Bold Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through 5.1.3.

5.4

CVE-2024-47298

  • EPSS 0.15%
  • Veröffentlicht 06.10.2024 12:15:05
  • Zuletzt bearbeitet 07.01.2025 13:07:48

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.1.1.

5.4

CVE-2024-47391

  • EPSS 0.14%
  • Veröffentlicht 05.10.2024 15:15:16
  • Zuletzt bearbeitet 07.01.2025 13:57:47

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a before 5.1.1.

5.4

CVE-2024-7100

  • EPSS 0.2%
  • Veröffentlicht 30.07.2024 07:15:02
  • Zuletzt bearbeitet 06.02.2025 17:45:05

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's bt_bb_button shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user supplied at...

5.4

CVE-2024-2736

  • EPSS 0.21%
  • Veröffentlicht 10.04.2024 05:15:49
  • Zuletzt bearbeitet 08.01.2025 17:24:59

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tags in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it po...

5.4

CVE-2024-2735

  • EPSS 0.2%
  • Veröffentlicht 10.04.2024 05:15:49
  • Zuletzt bearbeitet 08.01.2025 17:52:42

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Price List' element in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. T...

5.4

CVE-2024-2734

  • EPSS 0.2%
  • Veröffentlicht 10.04.2024 05:15:49
  • Zuletzt bearbeitet 08.01.2025 17:52:29

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's AI features all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This...

5.4

CVE-2024-2733

  • EPSS 0.23%
  • Veröffentlicht 10.04.2024 04:15:09
  • Zuletzt bearbeitet 08.01.2025 17:52:18

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "Separator" element in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attri...