Skip to main content

B Blocks

2 CVEs product

Monthly

CVE-2026-39579 HIGH This Week

Privilege escalation in the B Blocks WordPress plugin through version 2.0.31 allows authenticated users with Contributor-level access to elevate their privileges on the affected site. Reported by Patchstack and tracked as EUVD-2026-36965, the issue carries a CVSS 3.1 score of 8.8 reflecting full confidentiality, integrity, and availability impact once a low-privileged WordPress account is obtained. No public exploit identified at time of analysis, but the low attack complexity and lack of required user interaction make weaponization straightforward once an exploitation primitive is published.

Privilege Escalation B Blocks
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-32489 MEDIUM PATCH This Month

Improper access control in bPlugins B Blocks versions prior to 2.0.30 allows unauthenticated remote attackers to modify data and degrade system availability through misconfigured security levels. The vulnerability requires no user interaction and can be exploited over the network, affecting the integrity and availability of affected installations.

Authentication Bypass B Blocks
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
EPSS 0% CVSS 8.8
HIGH This Week

Privilege escalation in the B Blocks WordPress plugin through version 2.0.31 allows authenticated users with Contributor-level access to elevate their privileges on the affected site. Reported by Patchstack and tracked as EUVD-2026-36965, the issue carries a CVSS 3.1 score of 8.8 reflecting full confidentiality, integrity, and availability impact once a low-privileged WordPress account is obtained. No public exploit identified at time of analysis, but the low attack complexity and lack of required user interaction make weaponization straightforward once an exploitation primitive is published.

Privilege Escalation B Blocks
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Improper access control in bPlugins B Blocks versions prior to 2.0.30 allows unauthenticated remote attackers to modify data and degrade system availability through misconfigured security levels. The vulnerability requires no user interaction and can be exploited over the network, affecting the integrity and availability of affected installations.

Authentication Bypass B Blocks
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy