2 matches found
CVE-2023-2084
CVE-2023-2084 affects the WordPress Essential Blocks plugin for WordPress, vulnerable up to version 4.0.6. The root cause is a missing capability check in the get function, allowing subscriber-level attackers to read or obtain plugin settings. Although a nonce check exists, it only runs when a no...
CVE-2023-2084
The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the get function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin settings. While a nonce check is...