cleantalk
Vulnerabilities and Security Researches

Greenshift – animation and page builder blocks, CVE-2026-1927

CVE, Research URL

CVE-2026-1927

Home page URL

Security reports for Greenshift – animation and page builder blocks

Application

Greenshift – animation and page builder blocks

Published on
Feb 05, 2026
Research Description
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshift_app_pass_validation() function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve global plugin settings including stored AI API keys and modify plugin settings, including the injection of arbitrary web scripts via the 'custom_css' value (stored XSS). NOTE: This vulnerability was partially patched in version 12.6.
Affected versions
max 12.6.1.
Status
vulnerable
Previous vulnerability researches
Germanized for WooCommerce (c7f8732ffdd5f3947de85d9aaed3c63d7a44299e) , Jun 07, 2024
Germanized for WooCommerce (CVE-2026-2582) , Apr 14, 2026
New vulnerability
Customer Reviews for WooCommerce (CVE-2026-1316) , Apr 15, 2026
WP Recipe Maker (CVE-2026-1558) , Apr 15, 2026
Page and Post Clone (CVE-2026-2893) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-2589) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-1927) , Apr 15, 2026