152 matches found
CVE-2024-32088
Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through 6.15.20...
CVE-2024-37556
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10...
CVE-2023-4975
The Website Builder by SeedProd plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.15.13.1. This is due to missing or incorrect nonce validation on functionality in the builder.php file. This makes it possible for unauthenticated attackers to chan...
CVE-2025-3949
The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...
CVE-2025-3949
The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...
CVE-2025-3949 Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure
The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...
CVE-2025-3949 Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure
The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...
CVE-2025-3949
CVE-2025-3949 concerns the WordPress plugin “Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode” (versions up to and including 6.18.15). The vulnerability is a missing capability check in the seedprod_lite_get_revisisons function, which, per the ...
PT-2025-20545 · Seedprod · Website Builder By Seedprod
Name of the Vulnerable Software and Affected Versions: The Website Builder by SeedProd versions up to, and including, 6.18.15 Description: The issue allows authenticated attackers with Subscriber-level access and above to read the content of arbitrary landing page revisions due to a missing...
WordPress plugin Website Builder by SeedProd 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
WordPress Website Builder by SeedProd plugin <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ Sensitive Information Exposure vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd versions = 6.18.15...
CVE-2024-1072
The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprodlitenewlpage function in all versions up to, and including, 6.15.21...
CVE-2024-54284
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10...
CVE-2024-54283
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10...
CVE-2024-54285
Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows Upload a Web Shell to a Web Server.This issue affects SeedProd Pro: from n/a through 6.18.10...
CVE-2025-24540
Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Cross Site Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.18.9...
CVE-2025-24540 WordPress Website Builder by SeedProd plugin <= 6.18.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Cross Site Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.18.9...
CVE-2025-24540 WordPress Website Builder by SeedProd plugin <= 6.18.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Cross Site Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.18.9...
CVE-2025-24540
CVE-2025-24540 is a CSRF vulnerability in the WordPress plugin SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd (versions n/a through 6.18.9). The flaw affects the SeedProd plugin’s CSRF protection, enabling cross-site forgery in affected installs. The reported CVSS-li...
WordPress plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd 跨站请求伪造漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Coming Soon Page, Under...