Description
WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently save/obtain plugin settings, or obtain plugin template information. WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates version 4.0.6 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.0.7 or latest
References
Related Vulnerabilities
OpenVPN AS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9104)
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.32)
Microsoft SQL Server Other Vulnerability (CVE-2002-1872)
WordPress Plugin Vertical SlideShow 'upload.php' Arbitrary File Upload (2.1)
WordPress Plugin Easy Property Listings Cross-Site Request Forgery (3.3.5.8)