Shambles

**Name of the Vulnerable Software and Affected Versions** Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns versions prior to 6.1.4 **Description** The plugin is susceptible to Server-Side Request Forgery (SSRF), a flaw where an attacker can induce the server-side application to make requests to an unintended location. Authenticated attackers with Author-level access or higher can utilize the `save ai generated image()` function to send web requests to arbitrary locations from the web application, potentially querying or modifying information from internal services. **Recommendations** Update to a version later than 6.1.3. As a temporary workaround, restrict access to the `save ai generated image()` function to minimize the risk of exploitation.