CVE-2026-25451

Name of the Vulnerable Software and Affected Versions Bold Page Builder versions through 5.6.4

Description The Bold Page Builder software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting (XSS). This means that malicious code can be injected into web pages, potentially affecting users who view those pages. The issue allows for the execution of arbitrary scripts within the context of a user's browser. The vulnerability is due to insufficient sanitization of user-supplied input when generating web pages. The affected component is the page builder functionality itself.

Recommendations Update Bold Page Builder to a version later than 5.6.4.