CVE-2026-2826

Medium CVSS: 4.3

The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.3. This is due to the plugin not properly verifying that a user has the `upload_files` capability in the `process_pattern` REST API endpoint. This makes it possible for authenticated attackers, with contributor level access and above, to upload images to the WordPress Media Library by supplying remote image URLs that the server downloads and creates as media attachments.

Vendor

Product

CWE

CWE-862

Yayın Tarihi

2026-04-04 09:16:20

Güncelleme

2026-04-07 13:20:55

Source Identifier

security@wordfence.com

KEV Date Added

Kategoriler

CWE-862 MEDIUM 2026

Referanslar

https://plugins.trac.wordpress.org/browser/kadence-blocks/tags/3.6.4/includes/class-kadence-blocks-prebuilt-library-rest-api.php#L1224 https://www.wordfence.com/threat-intel/vulnerabilities/id/5f91df7e-5d9d-4a3a-9afc-d771106a0be6?source=cve