Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
Bold Page Builder: Stored Cross-Site Scripting Risk
CVE-2026-25451
Summary
The Bold Page Builder has a security flaw that allows attackers to inject malicious code into a website. This could lead to unauthorized access to sensitive information or other malicious activities. To fix this, update Bold Page Builder to version 5.6.5 or later.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page B...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through <= 5.6.4.
nvd CVSS3.1
6.5
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026