VYPR

Ultimate Addons For Gutenberg

by WordPress

Source repositories

CVEs (6)

  • CVE-2026-7465HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.01

    The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to…

  • CVE-2025-1784MedMar 26, 2025
    risk 0.42cvss 6.4epss 0.00

    The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uagb block in all versions up to, and including, 2.19.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…

  • CVE-2020-36702MedJun 7, 2023
    risk 0.36cvss 5.5epss 0.00

    The Ultimate Addons for Gutenberg plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 1.14.7. This is due to missing capability checks on several AJAX actions. This makes it possible for authenticated attackers with subscriber+…

  • CVE-2026-24982MedFeb 3, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.17.

  • CVE-2026-0950MedFeb 3, 2026
    risk 0.34cvss 5.3epss 0.00

    The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 2.19.17. This is due to the plugin failing to check `post_password_required()` before rendering post excerpts…

  • CVE-2026-42648MedApr 29, 2026
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Brainstorm Force Spectra ultimate-addons-for-gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through <= 2.19.22.