PT-2024-11757 · WordPress · Wpdeveloper Essential Blocks For Gutenberg

Lucio Sá

Published

2024-12-13

Updated

2024-12-15

CVE-2022-47594

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions WPDeveloper Essential Blocks for Gutenberg versions 3.8.5 and earlier

Description The issue affects the access control security levels in WPDeveloper Essential Blocks for Gutenberg, allowing exploitation due to missing authorization. This enables broken access control.

Recommendations For versions 3.8.5 and earlier, update to the latest version to secure the site. As a temporary workaround, consider restricting access to sensitive features until the update is applied.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2022-47594

Affected Products

Wpdeveloper Essential Blocks For Gutenberg

PT-2024-11757 · WordPress · Wpdeveloper Essential Blocks For Gutenberg

CVE-2022-47594

Weakness Enumeration

Related Identifiers

Affected Products

References · 7