Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder bm-builder allows Path Traversal. This issue affects BM Content Builder: from n/a through < 3.16.3.3.
Published: 2026-01-22
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This flaw is a path traversal vulnerability that lets an attacker download arbitrary files from the web server where WordPress is installed. By manipulating the file path parameter handled by the BM Content Builder plugin, an attacker can read files such as configuration files, user uploads, or private data, compromising confidentiality and potentially exposing credentials or private content.

Affected Systems

All WordPress sites running the SeaTheme BM Content Builder plugin at a version older than 3.16.3.3 are affected. This covers every installation of the plugin before that version on any WordPress site where the plugin is activated.

Risk and Exploitability

The CVSS score of 6.5 rates the vulnerability as Medium severity, while the EPSS score of less than 1% indicates a low probability of exploitation at the time of assessment. The flaw is not currently listed in the CISA KEV catalog, but it can be exploited remotely through crafted HTTP requests without authentication, provided the plugin’s parameter handling is exposed. An attacker could retrieve files from any directory the web server user can read, potentially leading to broader system compromise if sensitive files are accessed.

Generated by OpenCVE AI on April 29, 2026 at 10:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the BM Content Builder plugin to version 3.16.3.3 or newer on all WordPress installations.
  • If the plugin is not required, disable or uninstall it entirely to eliminate the vulnerable code.
  • Implement a web application firewall rule or security plugin to block path traversal attempts on the BM Content Builder parameter.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description
  Removed: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder allows Path Traversal. This issue affects BM Content Builder: from n/a before 3.16.3.3.
  Added: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder bm-builder allows Path Traversal. This issue affects BM Content Builder: from n/a through < 3.16.3.3.
References

Tue, 17 Feb 2026 09:30:00 +0000


Tue, 17 Feb 2026 09:00:00 +0000

Type Values Removed Values Added
Description
  Removed: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder bm-builder allows Path Traversal. This issue affects BM Content Builder: from n/a through <= 3.16.3.
  Added: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder allows Path Traversal. This issue affects BM Content Builder: from n/a before 3.16.3.3.
Title
  Removed: WordPress BM Content Builder plugin <= 3.16.3 - Arbitrary File Download vulnerability
  Added: WordPress BM Content Builder plugin < 3.16.3.3 - Arbitrary File Download vulnerability
References

Thu, 29 Jan 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}


Wed, 28 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 23 Jan 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Seatheme
Seatheme bm Content Builder
Wordpress
Wordpress wordpress
Vendors & Products Seatheme
Seatheme bm Content Builder
Wordpress
Wordpress wordpress

Thu, 22 Jan 2026 23:00:00 +0000

Type Values Removed Values Added
Description Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder bm-builder allows Path Traversal. This issue affects BM Content Builder: from n/a through <= 3.16.3.
Title WordPress BM Content Builder plugin <= 3.16.3 - Arbitrary File Download vulnerability
Weaknesses CWE-22
References

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-04-28T20:36:59.088Z

Reserved: 2025-12-29T11:18:59.801Z

Link: CVE-2025-69055

Vulnrichment

Updated: 2026-01-28T21:43:41.145Z

NVD

Status: Deferred

Published: 2026-01-22T17:16:19.140

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-69055

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-29T11:00:10Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')