CVE-2024-47391 is a stored cross-site scripting (XSS) vulnerability identified in the Bold Page Builder plugin developed by BoldThemes, affecting all versions prior to 5.1.1. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, which allows malicious scripts to be injected and stored persistently within the website's content. When other users or administrators visit the affected pages, the malicious scripts execute in their browsers under the context of the vulnerable site. This can lead to a range of attacks including session hijacking, theft of sensitive information, unauthorized actions performed on behalf of users, website defacement, or distribution of malware. The vulnerability does not require authentication to exploit, increasing its risk profile, and does not require complex user interaction beyond visiting a compromised page. Although no public exploits have been reported yet, the nature of stored XSS makes it a critical concern for websites using this plugin. The lack of currently available patches necessitates immediate attention to mitigation strategies. The vulnerability was reserved on September 24, 2024, and published on October 5, 2024, but no CVSS score has been assigned yet. The Bold Page Builder plugin is commonly used in WordPress environments, which are widespread globally, making this vulnerability relevant to a large number of websites.

The impact of CVE-2024-47391 is significant for organizations using the Bold Page Builder plugin, as stored XSS vulnerabilities can lead to severe consequences. Attackers can execute arbitrary JavaScript in the context of the affected website, potentially stealing session cookies, credentials, or other sensitive data from users. This can facilitate account takeover, unauthorized access, and data breaches. Additionally, attackers may deface websites, damaging brand reputation and user trust. The vulnerability can also be leveraged to distribute malware to site visitors, causing broader security incidents. Since the vulnerability is stored, the malicious payload persists until removed, increasing the window of exposure. Organizations relying on Bold Page Builder for content management and page design face risks to confidentiality, integrity, and availability of their web assets. The absence of patches increases the urgency for mitigation, especially for high-traffic or sensitive websites.

1. Monitor the BoldThemes official channels for security updates and apply patches immediately once available. 2. Implement strict input validation and sanitization on all user inputs, especially those that are rendered in web pages by the Bold Page Builder. 3. Deploy a Web Application Firewall (WAF) with rules designed to detect and block XSS payloads targeting the plugin. 4. Conduct regular security audits and code reviews of custom content added via the page builder to identify and remove malicious scripts. 5. Educate site administrators and users about the risks of clicking on suspicious links or content. 6. Consider temporarily disabling or limiting the use of Bold Page Builder until a patch is released if the risk is deemed unacceptable. 7. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts on the website. 8. Backup website data regularly to enable recovery in case of defacement or compromise.