Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.1.26 - Authenticated(Contributor+) Server-Side Request Forgery (SSRF)

Wordfence Intelligence   >   Vulnerability Database   >   Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.1.26 - Authenticated(Contributor+) Server-Side Request Forgery (SSRF)
8.5
Server-Side Request Forgery (SSRF)
CVE CVE-2023-6964
CVSS 8.5 (High)
Publicly Published April 9, 2024
Last Updated April 9, 2024
Researcher Lucio Sá

Description

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.26 via the 'kadence_import_get_new_connection_data' AJAX action. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.

References

Share

Vulnerability Details for Kadence Blocks — Page Builder Toolkit for Gutenberg Editor

Kadence Blocks — Page Builder Toolkit for Gutenberg Editor

Software Type Plugin
Software Slug kadence-blocks (view on wordpress.org)
Patched? Yes
Remediation Update to version 3.2.12, or a newer patched version
Affected Version
  • <= 3.1.26
Patched Version
  • 3.2.12

Recent vulnerabilities in Kadence Blocks — Page Builder Toolkit for Gutenberg Editor

Kadence Blocks <= 3.7.5 - Authenticated (Contributor+) Sensitive Information Exposure via Block Editor proData Localization
4.3
CVE-2026-11357
Jun 17, 2026
Researcher: se1en
Kadence Blocks — Page Builder Toolkit for Gutenberg Editor <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media Upload
4.3
CVE-2026-2826
Apr 3, 2026
Researcher: lucsob
Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Missing Authorization to Authenticated (Contributor+) Unauthorized Media Upload
4.3
CVE-2026-2633
Feb 17, 2026
Researcher: Ali Sünbül
Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' Parameter
4.3
CVE-2026-1857
Feb 17, 2026
Researcher: Ali Sünbül
Gutenberg Blocks by Kadence Blocks <= 3.5.32 - Missing Authorization
4.3
CVE-2026-2608
Feb 11, 2026
Researcher: johska
Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.5.32 - Incorrect Authorization to Authenticated (Contributor+) Post Publication
4.3
CVE ID Unknown
Feb 10, 2026
Researcher: johska
Kadence Blocks – Gutenberg Blocks for Page Builder Features <= 3.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via `redirectURL` Parameter
6.4
CVE-2025-5678
Jul 8, 2025
Researcher: Asaf Mozes
Gutenberg Blocks by Kadence Blocks <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'icon'
6.4
CVE-2025-1291
Feb 28, 2025
Researcher: stealthcopter
Gutenberg Blocks by Kadence Blocks <= 3.3.1 - Missing Authorization
4.3
CVE-2025-24753
Jan 24, 2025
Researcher: Rafie Muhammad
Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.4.2 - Authenticated (contributor+) Stored Cross-Site Scripting via Button Link
6.4
CVE-2024-12304
Jan 10, 2025
Researcher: zer0gh0st
# Title CVE ID CVSS Researchers Date
1 Kadence Blocks <= 3.7.5 - Authenticated (Contributor+) Sensitive Information Exposure via Block Editor proData Localization CVE-2026-11357 4.3 se1en June 17, 2026
2 Kadence Blocks — Page Builder Toolkit for Gutenberg Editor <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media Upload CVE-2026-2826 4.3 lucsob April 3, 2026
3 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Missing Authorization to Authenticated (Contributor+) Unauthorized Media Upload CVE-2026-2633 4.3 Ali Sünbül February 17, 2026
4 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' Parameter CVE-2026-1857 4.3 Ali Sünbül February 17, 2026
5 Gutenberg Blocks by Kadence Blocks <= 3.5.32 - Missing Authorization CVE-2026-2608 4.3 johska February 11, 2026
6 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.5.32 - Incorrect Authorization to Authenticated (Contributor+) Post Publication 4.3 johska February 10, 2026
7 Kadence Blocks – Gutenberg Blocks for Page Builder Features <= 3.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via `redirectURL` Parameter CVE-2025-5678 6.4 Asaf Mozes July 8, 2025
8 Gutenberg Blocks by Kadence Blocks <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'icon' CVE-2025-1291 6.4 stealthcopter February 28, 2025
9 Gutenberg Blocks by Kadence Blocks <= 3.3.1 - Missing Authorization CVE-2025-24753 4.3 Rafie Muhammad January 24, 2025
10 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.4.2 - Authenticated (contributor+) Stored Cross-Site Scripting via Button Link CVE-2024-12304 6.4 zer0gh0st January 10, 2025
View more vulnerabilities in this software package View more vulnerabilities

This record contains material that is subject to copyright.

Copyright 2012-2026 Defiant Inc.

License: Defiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy. Read more.

Copyright 1999-2026 The MITRE Corporation

License: CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy. Read more.

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation