Vulnerabilities > Seedprod
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-05 | CVE-2024-1072 | Missing Authorization vulnerability in Seedprod Website Builder BY Seedprod The Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the seedprod_lite_new_lpage function in all versions up to, and including, 6.15.21. | 7.5 |
2023-10-30 | CVE-2023-5049 | Cross-site Scripting vulnerability in Seedprod Rafflepress 1.12.0 The Giveaways and Contests by RafflePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rafflepress' and 'rafflepress_gutenberg' shortcode in versions up to, and including, 1.12.0 due to insufficient input sanitization and output escaping on 'giframe' user supplied attribute. | 5.4 |
2023-10-20 | CVE-2023-4975 | Cross-Site Request Forgery (CSRF) vulnerability in Seedprod Website Builder BY Seedprod The Website Builder by SeedProd plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.15.13.1. | 4.3 |
2020-06-24 | CVE-2020-15038 | Cross-site Scripting vulnerability in Seedprod Coming Soon Page, Under Construction & Maintenance Mode The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS. | 5.4 |