Lucene search
K

152 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:37 a.m.6 views

CVE-2024-32088

Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through 6.15.20...

4.3CVSS5.1AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:42 a.m.8 views

CVE-2024-37556

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10...

5.9CVSS6.8AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:53 a.m.8 views

CVE-2023-4975

The Website Builder by SeedProd plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.15.13.1. This is due to missing or incorrect nonce validation on functionality in the builder.php file. This makes it possible for unauthenticated attackers to chan...

4.3CVSS5.8AI score0.0028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/11 9:7 a.m.23 views

CVE-2025-3949

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...

4.3CVSS6.6AI score0.00552EPSS
Exploits0References1
NVD
NVD
added 2025/05/09 9:15 a.m.13 views

CVE-2025-3949

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...

4.3CVSS0.00552EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/09 8:24 a.m.17 views

CVE-2025-3949 Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...

4.3CVSS0.00552EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/09 8:24 a.m.6 views

CVE-2025-3949 Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'seedprodlitegetrevisisons' function in all versions up to, and including, 6.18.15...

4.3CVSS4.4AI score0.00552EPSS
Exploits0References4
CVE
CVE
added 2025/05/09 8:24 a.m.90 views

CVE-2025-3949

CVE-2025-3949 concerns the WordPress plugin “Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode” (versions up to and including 6.18.15). The vulnerability is a missing capability check in the seedprod_lite_get_revisisons function, which, per the ...

4.3CVSS4.4AI score0.00552EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/09 12:0 a.m.5 views

PT-2025-20545 · Seedprod · Website Builder By Seedprod

Name of the Vulnerable Software and Affected Versions: The Website Builder by SeedProd versions up to, and including, 6.18.15 Description: The issue allows authenticated attackers with Subscriber-level access and above to read the content of arbitrary landing page revisions due to a missing...

4.3CVSS5.4AI score0.00552EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/05/09 12:0 a.m.5 views

WordPress plugin Website Builder by SeedProd 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

4.3CVSS5.8AI score0.00552EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/05/08 8:55 p.m.4 views

WordPress Website Builder by SeedProd plugin <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability

Missing Authorization to Authenticated Subscriber+ Sensitive Information Exposure vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd versions = 6.18.15...

4.3CVSS8.2AI score0.00552EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 5:22 a.m.8 views

CVE-2024-1072

The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprodlitenewlpage function in all versions up to, and including, 6.15.21...

8.2CVSS6.6AI score0.0068EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:16 a.m.11 views

CVE-2024-54284

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10...

7.6CVSS8.9AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:5 a.m.9 views

CVE-2024-54283

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10...

7.6CVSS8.9AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:59 a.m.7 views

CVE-2024-54285

Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows Upload a Web Shell to a Web Server.This issue affects SeedProd Pro: from n/a through 6.18.10...

9.1CVSS8.5AI score0.00494EPSS
Exploits0References1
NVD
NVD
added 2025/01/27 3:15 p.m.4 views

CVE-2025-24540

Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Cross Site Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.18.9...

4.3CVSS0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/27 2:22 p.m.2 views

CVE-2025-24540 WordPress Website Builder by SeedProd plugin <= 6.18.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Cross Site Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.18.9...

4.3CVSS5.9AI score0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 2:22 p.m.15 views

CVE-2025-24540 WordPress Website Builder by SeedProd plugin <= 6.18.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd coming-soon allows Cross Site Request Forgery.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through = 6.18.9...

4.3CVSS0.00156EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 2:22 p.m.52 views

CVE-2025-24540

CVE-2025-24540 is a CSRF vulnerability in the WordPress plugin SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd (versions n/a through 6.18.9). The flaw affects the SeedProd plugin’s CSRF protection, enabling cross-site forgery in affected installs. The reported CVSS-li...

4.3CVSS5.9AI score0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.2 views

WordPress plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Coming Soon Page, Under...

4.3CVSS6.6AI score0.00156EPSS
Exploits0References1
Rows per page
Query Builder