cleantalk
Vulnerabilities and Security Researches

Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid, CVE-2026-40728

CVE, Research URL

CVE-2026-40728

Home page URL

Security reports for Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid

Application

Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid

Published on
Apr 15, 2026
Research Description
Missing Authorization vulnerability in BlockArt Magazine Blocks magazine-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Blocks: from n/a through <= 1.8.3.
Affected versions
max 1.8.4.
Status
vulnerable
Previous vulnerability researches
Modern Polls (CVE-2025-46466) , Apr 26, 2025
New vulnerability
WP Allowed Hosts (CVE-2026-0734) , Apr 17, 2026
Real Post Slider Lite (CVE-2026-0680) , Apr 17, 2026
WP Docs (CVE-2026-3878) , Apr 17, 2026
Accessibly &#8211; WordPress Website Accessibility (CVE-2026-3643) , Apr 17, 2026
Barcode Scanner and Inventory manager. POS (Point of Sale) &#8211; scan barcodes &amp; create orders with barcode reader. (CVE-2026-4880) , Apr 17, 2026