CVSS: 5.4EPSS: %CPEs: 1EXPL: 0CVE-2023-51359 – Essential Blocks for Gutenberg <= 4.2.0 - Incorrect Authorization Checks
https://notcve.org/view.php?id=CVE-2023-51359
The Essential Blocks for Gutenberg plugin for WordPress is vulnerable to unauthorized modification of data due to improper capability checks on various functions function in versions up to, and including, 4.2.0. This makes it possible for authenticated attackers, with contributor-level access and above, to perform unauthorized actions. • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 2CVE-2023-6623 – Essential Blocks < 4.4.3 - Unauthenticated Local File Inclusion
https://notcve.org/view.php?id=CVE-2023-6623
The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks. El complemento de WordPress Essential Blocks anterior a 4.4.3 no impide que atacantes no autenticados sobrescriban variables locales al representar plantillas a través de la API REST, lo que puede provocar ataques de inclusión de archivos locales. The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.4.2 via the /wp-json/essential-blocks/v1/queries REST API endpoint. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. • https://wpscan.com/blog/file-inclusion-vulnerability-fixed-in-essential-blocks-4-4-3 https://wpscan.com/vulnerability/633c28e0-0c9e-4e68-9424-55c32789b41f • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 4%CPEs: 1EXPL: 0CVE-2023-47760 – Essential Blocks for Gutenberg <= 4.2.0 - Missing Authorization via AJAX actions
https://notcve.org/view.php?id=CVE-2023-47760
The Essential Blocks for Gutenberg plugin for WordPress is vulnerable to unauthorized access to AJAX actions due to a missing capability check on several functions in versions up to, and including, 4.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to invoke those functions. A nonce check was performed in all of them. However, the nonce was leaked on the profile page. CVE-2023-51360 appears to be a duplicate of this issue. • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-4402 – Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via products
https://notcve.org/view.php?id=CVE-2023-4402
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the get_products function. This allows unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. El complemento Essential Blocks para WordPress es vulnerable a la inyección de objetos PHP en versiones hasta la 4.2.0 incluida a través de la deserialización de entradas que no son de confianza en la función get_products. • https://plugins.trac.wordpress.org/browser/essential-blocks/trunk/includes/API/Product.php?rev=2950425#L49 https://www.wordfence.com/threat-intel/vulnerabilities/id/1ede7a25-9bb2-408e-b7fb-e5bd4f594351?source=cve • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4386 – Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via queries
https://notcve.org/view.php?id=CVE-2023-4386
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the get_posts function. This allows unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. El complemento Essential Blocks para WordPress es vulnerable a la inyección de objetos PHP en versiones hasta la 4.2.0 incluida a través de la deserialización de entradas que no son de confianza en la función get_posts. • https://plugins.trac.wordpress.org/browser/essential-blocks/trunk/includes/API/PostBlock.php?rev=2950425#L30 https://www.wordfence.com/threat-intel/vulnerabilities/id/af468f83-d6ad-474c-bf7f-c4eeb6df1b54?source=cve • CWE-502: Deserialization of Untrusted Data •