cleantalk
Vulnerabilities and Security Researches

VK Blocks, CVE-2024-13635

CVE, Research URL

CVE-2024-13635

Home page URL

Security reports for VK Blocks

Application

VK Blocks

Published on
Mar 07, 2025
Research Description
The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.94.2.2 via the page content block. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the content of private posts and pages.
Affected versions
max 1.95.0.3.
Status
vulnerable
Previous vulnerability researches
VK Blocks (CVE-2023-27923) , Jun 07, 2024
VK Blocks (CVE-2023-27925) , Jun 07, 2024
VK Blocks (CVE-2023-0583) , Jun 07, 2024
VK Blocks (CVE-2023-5706) , Jun 07, 2024
VK Blocks (CVE-2023-0584) , Jun 07, 2024
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026