WordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Abu Hurayra in WordPress Plugin MaxiBlocks versions = 2.1.3...

CVE-2025-58968 WordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MaxiBlocks: from n/a through = 2.1.3...

CVE-2025-47601

CVE-2025-47601 concerns the WordPress MaxiBlocks plugin. Affected software: MaxiBlocks versions up to 2.1.0 (listed as n/a through 2.1.0). Root cause: Missing authorization enables privilege escalation. CVSSv3.1 base score 8.8 (High); attack vector Network, authentication required Low, user inter...

WordPress MaxiBlocks Plugin <= 1.9.2 is vulnerable to Arbitrary File Deletion

Software MaxiBlocks Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-6885 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 302b1ce9770d Credits Lucio Sá Required privilege...