Bold Page Builder

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Bold Page Builder

Information

Software Type Plugin
Software Slug bold-page-builder (view on wordpress.org)
Software Status Active
Software Author boldthemes
Software Downloads 1,760,081
Software Active Installs 50,000
Software Record Last Updated May 3, 2024

14 Vulnerabilities

Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Separator Element
5.4
CVE-2024-2733
Apr 9, 2024
Researcher: João Pedro Soares de Alcântara
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via AI Features
6.4
CVE-2024-2734
Apr 9, 2024
Researcher: João Pedro Soares de Alcântara
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via "Price List" Element
6.4
CVE-2024-2735
Apr 9, 2024
Researcher: João Pedro Soares de Alcântara
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags
6.4
CVE-2024-2736
Apr 9, 2024
Researcher: João Pedro Soares de Alcântara
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget URL Attribute
6.4
CVE-2024-3266
Apr 5, 2024
Researcher: wesley (wcraft)
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_price_list Shortcode
6.4
CVE-2024-3267
Apr 5, 2024
Researcher: stealthcopter
Bold Page Builder <= 4.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via class
6.4
CVE-2024-30179
Mar 25, 2024
Researcher: LVT-tholv2k
Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Link
5.4
CVE-2024-1160
Feb 12, 2024
Researcher: wesley (wcraft)
Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Raw Content
6.4
CVE-2024-1159
Feb 12, 2024
Researcher: RandomRoot
Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL
5.4
CVE-2024-1157
Feb 12, 2024
Researcher: Nikolas
Bold Page Builder <= 4.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-49823
Dec 5, 2023
Researcher: Ngô Thiên An (ancorn_)
Bold Page Builder <= 4.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting
5.5
CVE-2022-2089
Jun 20, 2022
Researcher: Nikhil Kapoor
Bold Page Builder <= 3.1.5 - PHP Object Injection
7.5
CVE-2021-24579
Aug 2, 2021
Researcher: dc11
Bold Page Builder <= 2.3.1 - Missing Authorization to Settings Update
7.5
CVE-2019-15821
Aug 23, 2019
Researcher: Jerome Bruandet
Title CVE ID CVSS Researchers Date
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Separator Element CVE-2024-2733 5.4 João Pedro Soares de Alcântara April 9, 2024
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via AI Features CVE-2024-2734 6.4 João Pedro Soares de Alcântara April 9, 2024
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via "Price List" Element CVE-2024-2735 6.4 João Pedro Soares de Alcântara April 9, 2024
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags CVE-2024-2736 6.4 João Pedro Soares de Alcântara April 9, 2024
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget URL Attribute CVE-2024-3266 6.4 wesley (wcraft) April 5, 2024
Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_price_list Shortcode CVE-2024-3267 6.4 stealthcopter April 5, 2024
Bold Page Builder <= 4.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via class CVE-2024-30179 6.4 LVT-tholv2k March 25, 2024
Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Link CVE-2024-1160 5.4 wesley (wcraft) February 12, 2024
Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Raw Content CVE-2024-1159 6.4 RandomRoot February 12, 2024
Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL CVE-2024-1157 5.4 Nikolas February 12, 2024
Bold Page Builder <= 4.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-49823 6.4 Ngô Thiên An (ancorn_) December 5, 2023
Bold Page Builder <= 4.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2022-2089 5.5 Nikhil Kapoor June 20, 2022
Bold Page Builder <= 3.1.5 - PHP Object Injection CVE-2021-24579 7.5 dc11 August 2, 2021
Bold Page Builder <= 2.3.1 - Missing Authorization to Settings Update CVE-2019-15821 7.5 Jerome Bruandet August 23, 2019

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation