CVE-2026-0950

Name of the Vulnerable Software and Affected Versions Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress versions prior to 2.19.18

Description The Spectra Gutenberg Blocks plugin for WordPress is susceptible to information disclosure. The plugin does not verify post password required() before rendering post excerpts using the render excerpt() function and the uagb get excerpt() helper function. This allows unauthenticated attackers to view excerpts of password-protected posts through Spectra Post Grid, Post Masonry, Post Carousel, or Post Timeline blocks.

Recommendations Update to version 2.19.18 or later.