Really Simple Security logo

Log out
Get PRO

Latest

Access violation vulnerability in Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates 4.0.6

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 18, 2023

The Essential Blocks plugin for WordPress has a security issue in versions up to and including 4.0.6. Someone with only a subscriber-level account can access information about the plugin’s templates. This happens because the plugin does not properly check for permission levels before allowing someone to access the template information. Even though the plugin does have a security measure called a nonce check

Detected in:

Essential Blocks – AI-Powered Page Builder Gutenberg Blocks, Patterns & Templates fixed vulnerable versions:
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates fixed vulnerable versions: >= * <= 4.0.6
Essential Blocks for Gutenberg – Page Builder for Gutenberg Blocks & Patterns fixed vulnerable versions:
Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.