CVE-2025-24753 — Missing Authorization in Gutenberg Blocks With AI

CWE-862 — Missing Authorization3 documents3 sources

Severity

8.8HIGHNVD

EPSS

0.2%

top 64.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Kadencewp Gutenberg Blocks With AI Stellarwp Gutenberg Blocks BY Kadence Blocks

Timeline

PublishedJan 24

Description

Missing Authorization vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.3.1.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5stellarwp/gutenberg_blocks_by_kadence_blocks3.3.1

▶NVDkadencewp/gutenberg_blocks_with_ai< 3.3.2

🔴Vulnerability Details

GHSA

GHSA-g5jx-rvpr-cwqr: Missing Authorization vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks allows Exploiting Incorrectly Configured Access Control Security↗2025-01-24

▶

CVEList

WordPress Kadence Blocks plugin <= 3.3.1 - Broken Access Control vulnerability↗2025-01-24

▶