CVE-2025-69055

CVE-2025-69055 affects BM Content Builder bm-builder (SeaTheme) up to version 3.16.3. It is an authenticated vulnerability (Contributor+), enabling Arbitrary File Download via path traversal in the BM Content Builder. Public sources (Red Hat, NVD/CVE entries) confirm the issue and note no patch s...

PT-2025-24013 · WordPress · Bm Content Builder

Name of the Vulnerable Software and Affected Versions: BM Content Builder plugin for WordPress versions up to, and including, 3.16.2.1 Description: The issue is related to a missing capability check on the ux cb page options save function, allowing authenticated attackers with subscriber-level...