Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Security & Risk Analysis
wordpress.org/plugins/coming-soonEasy Drag & Drop Page Builder. A complete solution to create a WordPress Website, Custom Themes, Landing Pages, Coming Soon & Maintenance Mode Pages.
Is Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Safe to Use in 2026?
Use With Caution
Score 67/100Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.
The "coming-soon" plugin version 6.19.9 exhibits a mixed security posture. While it demonstrates good practices like using prepared statements for most SQL queries and a high percentage of output escaping, significant concerns arise from its large, unprotected attack surface. The static analysis reveals 102 entry points, with a staggering 96 of them lacking authentication checks. This presents a broad avenue for attackers to potentially interact with and exploit the plugin.
The taint analysis further exacerbates these concerns, highlighting one high-severity flow with unsanitized paths. This indicates a potential for malicious input to be processed without adequate cleaning, leading to vulnerabilities. Compounding these issues is the plugin's vulnerability history, which shows 8 previously discovered CVEs, with one high-severity vulnerability remaining unpatched. The common vulnerability types (Missing Authorization, CSRF, XSS) strongly align with the observed lack of authorization checks and potential for unsanitized input, suggesting a recurring pattern of these weaknesses.
In conclusion, while the plugin shows some positive security engineering, the sheer number of unprotected entry points and the presence of unpatched high-severity vulnerabilities create a significant risk. The recurring nature of specific vulnerability types suggests a need for a more thorough and consistent security review process for this plugin.
Key Concerns
- Unprotected AJAX handlers
- High severity taint flow
- Currently unpatched high severity CVE
- Large attack surface without auth checks
- Significant percentage of SQL without prepared statements
- Significant percentage of output not properly escaped
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Security Vulnerabilities
CVEs by Year
Severity Breakdown
8 total CVEs
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.19.8 - Missing Authorization
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.9 - Cross-Site Request Forgery
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd <= 6.17.4 - Authenticated (Editor+) Stored Cross-Site Scripting
Coming Soon Page, Under Construction & Maintenance Mode by SeedProd <= 6.15.20 - Cross-Site Request Forgery to Notice Dismissal
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.15.21 - Missing Authorization via seedprod_lite_new_lpage
Website Builder by SeedProd <= 6.15.13.1 - Cross-Site Request Forgery to Settings Update
Coming Soon Page by SeedProd <= 5.1.1 - Authenticated Stored Cross-Site Scripting
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Attack Surface
AJAX Handlers 100
Shortcodes 2
WordPress Hooks 59
Scheduled Events 4
Maintenance & Trust
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Maintenance & Trust
Maintenance Signals
Community Trust
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Alternatives
Landing Page Builder – Coming Soon page, Maintenance Mode, Lead Page, WordPress Landing Pages
page-builder-add
Easily create high-converting, responsive landing pages with 120+ templates using the free PluginOps Page Builder for WordPress.
Kubio AI Page Builder
kubio
Using the power of AI, Kubio gives you a head start by generating a first draft of your website, which you can further customize to your liking.
Visual Composer Website Builder
visualcomposer
Drag and drop page builder that gives the freedom to design WordPress websites, landing pages, custom themes, maintenance mode & coming soon pages.
Live Composer – Free WordPress Website Builder
live-composer-page-builder
Page builder for WordPress with drag and drop header/footer editing, responsive settings, and animations. Compatible with Gutenberg block editor.
WP Maintenance Mode & Site Under Construction
wp-maintenance-mode-site-under-construction
WP plugin for Under Construction, Maintenance Mode & Coming Soon Pages. Enable with one click & show a landing page to visitors easily.
Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode Developer Profile
5 plugins · 701K total installs
How We Detect Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/coming-soon/app/public/css/main.css/wp-content/plugins/coming-soon/app/public/css/seedprod-frontend.css/wp-content/plugins/coming-soon/app/public/js/seedprod-frontend.js/wp-content/plugins/coming-soon/resources/admin/css/seedprod-admin.css/wp-content/plugins/coming-soon/resources/admin/js/seedprod-admin.js/wp-content/plugins/coming-soon/resources/admin/js/vue/dist/app.js/wp-content/plugins/coming-soon/resources/admin/css/vue/dist/app.css/wp-content/plugins/coming-soon/resources/blocks/countdown/index.css+1 moreSeedProd v6.19.9/wp-content/plugins/coming-soon/app/public/js/seedprod-frontend.js/wp-content/plugins/coming-soon/resources/admin/js/seedprod-admin.js/wp-content/plugins/coming-soon/resources/admin/js/vue/dist/app.js/wp-content/plugins/coming-soon/resources/blocks/countdown/index.jscoming-soon/app/public/css/main.css?ver=coming-soon/app/public/css/seedprod-frontend.css?ver=coming-soon/app/public/js/seedprod-frontend.js?ver=coming-soon/resources/admin/css/seedprod-admin.css?ver=coming-soon/resources/admin/js/seedprod-admin.js?ver=coming-soon/resources/admin/js/vue/dist/app.js?ver=coming-soon/resources/admin/css/vue/dist/app.css?ver=coming-soon/resources/blocks/countdown/index.css?ver=coming-soon/resources/blocks/countdown/index.js?ver=HTML / DOM Fingerprints
seedprod-admin-wrapperseedprod-admin-contentseedprod-settings-pageseedprod-editor-wrappersp-frontend-bodysp-page-builder-bodysp-countdownseedprod-custom-css-editor<!-- SeedProd Lite --><!-- End SeedProd Lite --><!-- Load Custom Gutenberg Blocks -->data-seedprod-iddata-seedprod-typedata-seedprod-styleseedprodSeedProdLiteAdminSeedProdFrontsp_api_noncesp_countdown_data/wp-json/seedprod/v1/settings/wp-json/seedprod/v1/pages/wp-json/seedprod/v1/blocks/wp-json/seedprod/v1/themes[seedprod_form][seedprod_countdown]