2 matches found
Essential Blocks < 4.4.3 - Local File Inclusion
Wordpress Essential Blocks plugin prior to 4.4.3 was discovered to be vulnerable to a significant Local File Inclusion vulnerability that may be exploited by any attacker, regardless of whether they have an account on the site. id: CVE-2023-6623 info: name: Essential Blocks 4.4.3 - Local File...
CVE-2023-6623
The CVE-2023-6623 entry corresponds to a Local File Inclusion vulnerability in the WordPress Essential Blocks plugin prior to version 4.4.3. Several connected sources confirm that unauthenticated attackers can overwrite local variables when rendering templates via the REST API, potentially enabli...