4 matches found
CVE-2023-1910
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the getremotetemplates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level...
CVE-2023-1910
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the getremotetemplates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level...
WordPress Getwid – Gutenberg Blocks Plugin <= 1.8.3 is vulnerable to Broken Access Control
Software Getwid – Gutenberg Blocks Type Plugin Vulnerable versions = 1.8.3 Fixed in 1.8.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-1910 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID bae53bb70dd5 Credits Ramuel Gall...
WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF
On April 6, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two vulnerabilities in Getwid – Gutenberg Blocks, a plugin installed on over 50,000 WordPress sites. The plugin’s developers responded immediately, and we sent over the full disclosure the sa...