Oliver Campion

**Name of the Vulnerable Software and Affected Versions** The Block Logic – Full Gutenberg Block Display Control plugin for WordPress versions 1.0.8 and earlier **Description** The Block Logic – Full Gutenberg Block Display Control plugin for WordPress is vulnerable to Remote Code Execution due to the unsafe evaluation of user-controlled input via the `block logic check logic` function. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server. **Recommendations** For versions 1.0.8 and earlier, update to a version that fixes the vulnerability. As a temporary workaround, consider disabling the `block logic check logic` function until a patch is available. Restrict access to the plugin to minimize the risk of exploitation. Avoid using the plugin until the issue is resolved.