Unrated severityNVD Advisory· Published Jan 15, 2024· Updated Jun 11, 2025
Essential Blocks < 4.4.3 - Unauthenticated Local File Inclusion
CVE-2023-6623
Description
The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File Inclusion attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <4.4.3
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/633c28e0-0c9e-4e68-9424-55c32789b41fmitreexploitvdb-entrytechnical-description
- wpscan.com/blog/file-inclusion-vulnerability-fixed-in-essential-blocks-4-4-3/mitre
News mentions
0No linked articles in our index yet.