cleantalk
Vulnerabilities and Security Researches

Gutenberg Blocks by Kadence Blocks – Page Builder Features, CVE-2026-2608

CVE, Research URL

CVE-2026-2608

Home page URL

Security reports for Gutenberg Blocks by Kadence Blocks – Page Builder Features

Application

Gutenberg Blocks by Kadence Blocks – Page Builder Features

Published on
Feb 17, 2026
Research Description
The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.5.32. This makes it possible for authenticated attackers, with Contributor-level access and above, to perform an unauthorized action.
Affected versions
max 3.6.0.
Status
vulnerable
Previous vulnerability researches
Brid Video Easy Publish (CVE-2025-5237) , Jun 18, 2025
Brid Video Easy Publish (CVE-2025-32688) , Apr 29, 2025
Brid Video Easy Publish (CVE-2025-8072) , Apr 14, 2026
Brid Video Easy Publish (CVE-2024-13561) , Jan 31, 2025
Brid Video Easy Publish (CVE-2024-12076) , Jan 26, 2025
New vulnerability
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-1036) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-1320) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-2367) , Apr 15, 2026
Post Grid, Post Carousel, & List Category Posts – by Smart Post Show (CVE-2026-3017) , Apr 15, 2026
Japanized For WooCommerce (CVE-2026-1305) , Apr 15, 2026