4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Exposure of Bold Themes\",\"url\":\"https://vexday.io/en/tech/Bold%20Themes\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":53},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exposure by technology\",\"item\":\"https://vexday.io/en/tech\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Bold Themes\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/tech","children":"Exposure by technology"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"Bold Themes"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Exposure of"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"Bold Themes"}]]}],["$","span",null,{"className":"t","children":"WordPress themes"}]]}],["$","div",null,{"className":"band","style":{"marginTop":16},"children":[["$","div",null,{"className":"stat","children":[["$","div",null,{"className":"n","children":"78"}],["$","div",null,{"className":"l","children":"exposure score"}]]}],["$","div",null,{"className":"stat","children":[["$","div",null,{"className":"n","children":"3,674"}],["$","div",null,{"className":"l","children":"sites use"}]]}],["$","div",null,{"className":"stat kev","children":[["$","div",null,{"className":"n","children":"0"}],["$","div",null,{"className":"l","children":"exploited"}]]}],["$","div",null,{"className":"stat crit","children":[["$","div",null,{"className":"n","children":"11"}],["$","div",null,{"className":"l","children":"critical"}]]}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":24},"children":[["$","h2",null,{"children":"CVEs"}],["$","span",null,{"className":"t","children":["53"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2021-24321",{"className":"item","href":"/en/cve/CVE-2021-24321","children":[["$","span",null,{"className":"cid","children":"CVE-2021-24321"}],["$","span",null,{"className":"sevtag ","children":"—"}],["$","span",null,{"className":"tt2","children":"Bello < 1.6.0 - Unauthenticated Blind SQL Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"66.6%"}]]}],false]}]]}],["$","$La","CVE-2021-24320",{"className":"item","href":"/en/cve/CVE-2021-24320","children":[["$","span",null,{"className":"cid","children":"CVE-2021-24320"}],["$","span",null,{"className":"sevtag ","children":"—"}],["$","span",null,{"className":"tt2","children":"Bello < 1.6.0 - Unauthenticated Reflected XSS & XFS"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"10.8%"}]]}],false]}]]}],["$","$La","CVE-2024-54382",{"className":"item","href":"/en/cve/CVE-2024-54382","children":[["$","span",null,{"className":"cid","children":"CVE-2024-54382"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Bold Page Builder plugin <= 5.1.5 - Path Traversal vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"2.2%"}]]}],false]}]]}],["$","$La","CVE-2024-50417",{"className":"item","href":"/en/cve/CVE-2024-50417","children":[["$","span",null,{"className":"cid","children":"CVE-2024-50417"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Bold Page Builder plugin <= 5.1.3 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"1.9%"}]]}],false]}]]}],["$","$La","CVE-2021-24319",{"className":"item","href":"/en/cve/CVE-2021-24319","children":[["$","span",null,{"className":"cid","children":"CVE-2021-24319"}],["$","span",null,{"className":"sevtag ","children":"—"}],["$","span",null,{"className":"tt2","children":"Bello < 1.6.0 - Authenticated Cross-Site Scripting (XSS) and XFS"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"1.7%"}]]}],false]}]]}],["$","$La","CVE-2025-60214",{"className":"item","href":"/en/cve/CVE-2025-60214","children":[["$","span",null,{"className":"cid","children":"CVE-2025-60214"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Goldenblatt theme < 1.3.0 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2025-60216",{"className":"item","href":"/en/cve/CVE-2025-60216","children":[["$","span",null,{"className":"cid","children":"CVE-2025-60216"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Addison theme < 1.4.8 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-2736",{"className":"item","href":"/en/cve/CVE-2024-2736","children":[["$","span",null,{"className":"cid","children":"CVE-2024-2736"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-2735",{"className":"item","href":"/en/cve/CVE-2024-2735","children":[["$","span",null,{"className":"cid","children":"CVE-2024-2735"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via \"Price List\" Element"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-2734",{"className":"item","href":"/en/cve/CVE-2024-2734","children":[["$","span",null,{"className":"cid","children":"CVE-2024-2734"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via AI Features"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-2733",{"className":"item","href":"/en/cve/CVE-2024-2733","children":[["$","span",null,{"className":"cid","children":"CVE-2024-2733"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Separator Element"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2026-27429",{"className":"item","href":"/en/cve/CVE-2026-27429","children":[["$","span",null,{"className":"cid","children":"CVE-2026-27429"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Nifty theme <= 1.4.1 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2025-39495",{"className":"item","href":"/en/cve/CVE-2025-39495","children":[["$","span",null,{"className":"cid","children":"CVE-2025-39495"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Avantage Theme <= 2.4.9 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2025-39499",{"className":"item","href":"/en/cve/CVE-2025-39499","children":[["$","span",null,{"className":"cid","children":"CVE-2025-39499"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Medicare Theme <= 2.1.0 - PHP Object Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2023-49823",{"className":"item","href":"/en/cve/CVE-2023-49823","children":[["$","span",null,{"className":"cid","children":"CVE-2023-49823"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Bold Page Builder Plugin <= 4.6.1 is vulnerable to Cross Site Scripting (XSS)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2024-3266",{"className":"item","href":"/en/cve/CVE-2024-3266","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3266"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget URL Attribute"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-30179",{"className":"item","href":"/en/cve/CVE-2024-30179","children":[["$","span",null,{"className":"cid","children":"CVE-2024-30179"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Bold Page Builder plugin <= 4.7.6 - Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-7100",{"className":"item","href":"/en/cve/CVE-2024-7100","children":[["$","span",null,{"className":"cid","children":"CVE-2024-7100"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 5.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_button Shortcode"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-3267",{"className":"item","href":"/en/cve/CVE-2024-3267","children":[["$","span",null,{"className":"cid","children":"CVE-2024-3267"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_price_list Shortcode"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-1157",{"className":"item","href":"/en/cve/CVE-2024-1157","children":[["$","span",null,{"className":"cid","children":"CVE-2024-1157"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← previous"}],["$","span",null,{"className":"pgnum","children":["page"," ","1"," / ","3"]}],["$","$La",null,{"href":"?page=2","children":"next →"}]]}],["$","section",null,{"className":"block","style":{"marginTop":28},"children":["$","div",null,{"className":"cta","children":[["$","p",null,{"children":"Want to know if your infrastructure is exposed to this?"}],["$","a",null,{"className":"btn btn-primary","href":"https://truehacking.ai","target":"_blank","rel":"noopener","children":"Talk to TrueHacking →"}]]}]}]]}]