CVE-2026-2371— Greenshift <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load'

Greenshift <= 12.8.3 - Missing Authorization to Unauthenticated Private Reusable Block Disclosure via 'gspb_el_reusable_load'

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 12.8.3. This is due to missing authorization and post status validation in the `gspb_el_reusable_load()` AJAX handler. The handler accepts an arbitrary `post_id` parameter and renders the content of any `wp_block` post without checking `current_user_can('read_post', $post_id)` or verifying the post status. Combined with the nonce being exposed to unauthenticated users on any public page using the `[wp_reusable_render]` shortcode with `ajax="1"`, this makes it possible for unauthenticated attackers to retrieve the rendered HTML content of private, draft, or password-protected reusable blocks.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

授权机制缺失

WordPress plugin Greenshift – animation and page builder blocks 安全漏洞

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台具有在基于PHP和MySQL的服务器上架设个人博客网站的功能。WordPress plugin是一个应用插件。 WordPress plugin Greenshift – animation and page builder blocks 12.8.3及之前版本存在安全漏洞，该漏洞源于缺少授权和文章状态验证，可能导致未经身份验证的攻击者检索私有、草稿或受密码保

N/A

N/A