cleantalk
Vulnerabilities and Security Researches

Gutenberg Blocks by Kadence Blocks – Page Builder Features, CVE-2026-2608

CVE, Research URL

CVE-2026-2608

Home page URL

Security reports for Gutenberg Blocks by Kadence Blocks – Page Builder Features

Application

Gutenberg Blocks by Kadence Blocks – Page Builder Features

Published on
Feb 17, 2026
Research Description
The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.5.32. This makes it possible for authenticated attackers, with Contributor-level access and above, to perform an unauthorized action.
Affected versions
max 3.6.0.
Status
vulnerable
Previous vulnerability researches
Stacks Mobile App Builder – The most powerful Mobile Applications Drag and Drop builder (CVE-2024-50477) , Oct 29, 2024
Stacks Mobile App Builder – The most powerful Mobile Applications Drag and Drop builder (CVE-2024-50528) , Nov 03, 2024
Stacks Mobile App Builder – The most powerful Mobile Applications Drag and Drop builder (CVE-2024-50527) , Nov 03, 2024
New vulnerability
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-1036) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-1320) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-2367) , Apr 15, 2026
Post Grid, Post Carousel, & List Category Posts – by Smart Post Show (CVE-2026-3017) , Apr 15, 2026
Japanized For WooCommerce (CVE-2026-1305) , Apr 15, 2026