B Blocks
Monthly
Privilege escalation in the B Blocks WordPress plugin through version 2.0.31 allows authenticated users with Contributor-level access to elevate their privileges on the affected site. Reported by Patchstack and tracked as EUVD-2026-36965, the issue carries a CVSS 3.1 score of 8.8 reflecting full confidentiality, integrity, and availability impact once a low-privileged WordPress account is obtained. No public exploit identified at time of analysis, but the low attack complexity and lack of required user interaction make weaponization straightforward once an exploitation primitive is published.
Improper access control in bPlugins B Blocks versions prior to 2.0.30 allows unauthenticated remote attackers to modify data and degrade system availability through misconfigured security levels. The vulnerability requires no user interaction and can be exploited over the network, affecting the integrity and availability of affected installations.
Privilege escalation in the B Blocks WordPress plugin through version 2.0.31 allows authenticated users with Contributor-level access to elevate their privileges on the affected site. Reported by Patchstack and tracked as EUVD-2026-36965, the issue carries a CVSS 3.1 score of 8.8 reflecting full confidentiality, integrity, and availability impact once a low-privileged WordPress account is obtained. No public exploit identified at time of analysis, but the low attack complexity and lack of required user interaction make weaponization straightforward once an exploitation primitive is published.
Improper access control in bPlugins B Blocks versions prior to 2.0.30 allows unauthenticated remote attackers to modify data and degrade system availability through misconfigured security levels. The vulnerability requires no user interaction and can be exploited over the network, affecting the integrity and availability of affected installations.