Bold Page Builder
boldthemes
Developer
5.5.3
Latest version
50,000
Installations
4 days ago
Last updated
Vulnerability history
0 present
25 fixed
3 Mitigation rules
- Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter vulnerability<= 5.4.5Oct 23, 2025
- Cross Site Scripting (XSS) Vulnerability<= 5.4.3Aug 27, 2025
- Cross Site Scripting (XSS) Vulnerability<= 5.4.1Jul 16, 2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via additional_settings Parameter vulnerability<= 5.3.6May 28, 2025
- Cross Site Scripting (XSS) Vulnerability<= 5.3.0May 7, 2025
- Cross Site Scripting (XSS) Vulnerability<= 5.3.2May 7, 2025
- Path Traversal vulnerability<= 5.1.5Dec 11, 2024
- Cross Site Scripting (XSS) vulnerability<= 5.2.1Dec 2, 2024
- Broken Access Control vulnerability<= 5.1.3Oct 24, 2024
- Cross Site Scripting (XSS) vulnerability< 5.1.1Sep 30, 2024
- Cross Site Scripting (XSS) vulnerability<= 5.1.1Sep 24, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_button Shortcode vulnerability<= 5.0.2Jul 30, 2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 4.8.8Apr 11, 2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 4.8.8Apr 11, 2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 4.8.8Apr 11, 2024
- Authenticated Stored Cross-Site Scripting vulnerability<= 4.8.8Apr 11, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_price_list Shortcode vulnerability<= 4.8.8Apr 8, 2024
- Cross Site Scripting (XSS) vulnerability<= 4.8.0Mar 28, 2024
- Cross Site Scripting (XSS) vulnerability<= 4.7.6Mar 25, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Raw Content vulnerability<= 4.8.0Feb 14, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Link vulnerability<= 4.8.0Feb 13, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL vulnerability<= 4.8.0Feb 13, 2024
- Cross Site Scripting (XSS) vulnerability<= 4.6.1Dec 5, 2023
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 4.3.2Jun 20, 2022
- PHP Object Injection vulnerability<= 3.1.5Aug 2, 2021