Login Sign Up

CVE-2024-47298

6.5 MEDIUM
Cross-Site Scripting

📋 TL;DR

This stored XSS vulnerability in Bold Page Builder allows attackers to inject malicious scripts into WordPress pages. When users view compromised pages, the scripts execute in their browsers, potentially stealing credentials or performing unauthorized actions. All WordPress sites using Bold Page Builder versions up to 5.1.1 are affected.

💻 Affected Systems

Products:
  • BoldThemes Bold Page Builder WordPress Plugin
Versions: All versions up to and including 5.1.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Bold Page Builder plugin enabled. No special configuration needed for exploitation.

📦 What is this software?

Bold Page Builder by Bold Themes

View all CVEs affecting Bold Page Builder →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal administrator session cookies, take over WordPress sites, deface content, or redirect visitors to malicious sites.

🟠

Likely Case

Attackers inject malicious scripts to steal user credentials, session tokens, or perform actions on behalf of authenticated users.

🟢

If Mitigated

With proper input validation and output encoding, malicious scripts would be neutralized before reaching users' browsers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Stored XSS vulnerabilities are commonly weaponized. Exploitation requires attacker to have content creation privileges in WordPress.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.1.2 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/bold-page-builder/wordpress-bold-page-builder-plugin-5-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find Bold Page Builder. 4. Click 'Update Now' if available. 5. Alternatively, download version 5.1.2+ from WordPress repository and replace plugin files.

🔧 Temporary Workarounds

Disable Plugin

all

Temporarily disable Bold Page Builder plugin until patched

wp plugin deactivate bold-page-builder

Restrict User Roles

all

Limit content creation/editing permissions to trusted users only

🧯 If You Can't Patch

  • Implement Content Security Policy (CSP) headers to restrict script execution
  • Use web application firewall (WAF) rules to block XSS payloads

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Bold Page Builder version number

Check Version:

wp plugin get bold-page-builder --field=version

Verify Fix Applied:

Confirm plugin version is 5.1.2 or higher in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • Unusual content modifications in WordPress posts/pages
  • Suspicious script tags in page builder content

Network Indicators:

  • Requests containing script injection patterns to WordPress admin endpoints

SIEM Query:

source="wordpress.log" AND ("bold-page-builder" OR "page_builder") AND ("script" OR "javascript:" OR "onerror=" OR "onload=")

📊 Metadata

CVE ID: CVE-2024-47298
CVSS v3 Score: 6.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
CWE: CWE-79
Published: October 6, 2024
Last Updated: January 7, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-47298, you might also want to check these:

CVE-2021-39199 10.0

CVE-2021-39199 is a critical cross-site scripting (XSS) vulnerability in the remark-html Node.js lib...

Same vulnerability type (CWE-79)
CVE-2021-32671 10.0

This vulnerability in Flarum forum software allows attackers to inject malicious HTML/JavaScript int...

Same vulnerability type (CWE-79)
CVE-2021-32798 10.0

CVE-2021-32798 is a critical vulnerability in Jupyter Notebook that allows malicious notebook files ...

Same vulnerability type (CWE-79)