CVE-2025-54005 WordPress SKT Page Builder plugin <= 4.9 - Broken Access Control vulnerability

🗓️ 16 Dec 2025 08:12:45Reported by PatchstackType

CVE-2025-54005: broken access control in WordPress SKT Page Builder up to 4.9 due to missing authorization.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-54005	16 Dec 202509:55	–	circl
CNNVD	WordPress plugin SKT Page Builder 安全漏洞	16 Dec 202500:00	–	cnnvd
CVE	CVE-2025-54005	16 Dec 202508:12	–	cve
EUVD	EUVD-2025-203618	16 Dec 202509:31	–	euvd
NVD	CVE-2025-54005	16 Dec 202509:15	–	nvd
Patchstack	WordPress SKT Page Builder plugin <= 4.9 - Broken Access Control vulnerability	28 May 202510:09	–	patchstack
Positive Technologies	PT-2025-51380	16 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-54005	17 Dec 202510:03	–	redhatcve
Vulnrichment	CVE-2025-54005 WordPress SKT Page Builder plugin <= 4.9 - Broken Access Control vulnerability	16 Dec 202508:12	–	vulnrichment

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "skt-builder",
    "product": "SKT Page Builder",
    "vendor": "sonalsinha21",
    "versions": [
      {
        "changes": [
          {
            "at": "5.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/Wordpress/Plugin/skt-builder/vulnerability/wordpress-skt-page-builder-plugin-4-9-broken-access-control-vulnerability

28 Apr 2026 16:13Current

CVSS 3.14.3

EPSS0.00041

CWE-862