CVE-2025-3949 – SeedProd Theme Builder Landing Page Builder Unauthorized Data Access Vulnerability

May 9, 2025

CVE ID : CVE-2025-3949

Published : May 9, 2025, 9:15 a.m. | 2 hours, 52 minutes ago

Description : The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘seedprod_lite_get_revisisons’ function in all versions up to, and including, 6.18.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the content of arbitrary landing page revisions.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46392 – Apache Commons Configuration Uncontrolled Resource Consumption Vulnerability

Next Article CVE-2025-4403 – WooCommerce Drag and Drop Multiple File Upload Arbitrary File Upload Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This Motorola Razr deal at Best Buy is the top offer I’ve seen on the flip phone

Google Maps can identify and save places in your screenshots – here’s how

T-Mobile is giving loyal users a free line right now – how to see if you qualify

CTA warns of tariff-fueled price hikes on consumer tech – but it’s not all bad news

Big Node, VS Code, and Mantine updates

Big Node, VS Code, and Mantine updates

Prepare for Contact Center Week with Colleen Eager

Preparing for the Unthinkable: Safeguarding People and Productivity During India-Pakistan Conflicts

Microsoft confirms Offline Calendar for New Outlook on Windows 11

Microsoft confirms Offline Calendar for New Outlook on Windows 11

Windows 11 Microsoft Store tests Copilot integration to increase app downloads

Beyond APT: Software Management with Flatpak on Ubuntu

CVE-2025-3949 – SeedProd Theme Builder Landing Page Builder Unauthorized Data Access Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4495 – JAdmin-JAVA Cross-Site Scripting Vulnerability

The 25+ best Amazon Spring Sale deals under $50

Improving Data Quality in Online Studies

Bill Gates says “AI will replace humans for most things” in 20 years, including blue-and white-collar jobs — but floats short work weeks and early retirement as trade-offs

It may be time to say goodbye to WeakAuras in World of Warcraft’s 11.1.5 update which just had its launch date announced

Microsoft Research Introduces MMInference to Accelerate Pre-filling for Long-Context Vision-Language Models

APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures

See-Through Parallel Universes with Your Mind’s Eye – The Course Guidebook: Chapter 1

Are Password Managers Safe to Use? (Benefits, Risks & Best Practices)

CVE-2025-3949 – SeedProd Theme Builder Landing Page Builder Unauthorized Data Access Vulnerability

Related Posts