Stored Cross-Site Scripting Vulnerability in Bold Page Builder Plugin for WordPress

CVE-2025-13463

What is CVE-2025-13463?

The Bold Page Builder plugin for WordPress is affected by a Stored Cross-Site Scripting vulnerability in the Post Grid component, stemming from inadequate input sanitization and output escaping. This flaw allows authenticated attackers with Author-level access or higher to inject arbitrary web scripts into pages. The scripts execute upon page access, potentially compromising user data and site integrity. This vulnerability can affect all users who visit the compromised pages, raising significant security concerns for WordPress sites utilizing this plugin.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References