CVE-2026-0950
Information Disclosure in Spectra Gutenberg Blocks Plugin for WordPress
Publication date: 2026-02-03
Last updated on: 2026-02-03
Assigner: Wordfence
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ultimate_addons_for_gutenberg | ultimate_addons_for_gutenberg | up to and including 2.19.17 |
| ultimate_addons_for_gutenberg | ultimate_addons_for_gutenberg | 2.19.18 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress (plugin slug ultimate-addons-for-gutenberg) lets unauthenticated visitors read excerpts of password-protected posts in every version up to and including 2.19.17. The plugin's excerpt helpers, `render_excerpt()` and `uagb_get_excerpt()`, build and output an excerpt without first calling `post_password_required()`, the WordPress function that reports whether the current visitor still has to supply the post's password (WordPress core's own `get_the_excerpt()` performs that check and returns a placeholder for protected posts). Because the affected blocks print the excerpt of every post they list, anyone who loads a page containing a Spectra Post Grid, Post Masonry, Post Carousel, or Post Timeline block that includes a protected post sees that post's excerpt with no password and no login.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthenticated attackers to read excerpts of password-protected posts, which is an unauthorized disclosure of content the site owner chose to restrict. Where those posts hold personal or otherwise regulated data, the exposure can breach obligations under regimes such as GDPR or HIPAA, which require that such data be protected from unauthorized access, so the flaw undermines compliance with those standards. [4]
How can this vulnerability impact me?
The impact is unauthorized information disclosure: part of the content of a password-protected post, its excerpt, is exposed to anyone without authentication. In WordPress an excerpt is either written by the author or, when none is set, generated from the opening words of the post body, so the leak is not limited to posts with a hand-written excerpt. Any confidentiality or privacy the post password was meant to provide is weakened, and material intended only for readers who know the password may reach the public.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Check the installed version first: the affected range is every release up to and including 2.19.17. With WP-CLI, `wp plugin get ultimate-addons-for-gutenberg --field=version` prints the installed version (the plugin's slug is ultimate-addons-for-gutenberg even though it is marketed as Spectra); anything below 2.19.18 is vulnerable. The resources give no further detection commands. To confirm actual exposure rather than just version, find public pages that contain a Spectra Post Grid, Post Masonry, Post Carousel, or Post Timeline block listing a password-protected post, then load them in a fresh browser session or with curl (no cookies, so no post password has been entered) and check whether the protected post's excerpt text appears in the response. The version check is the reliable test; the page test only proves exposure for the posts and pages you actually look at, and a page cache in front of the site can serve a stale copy either way. [5]
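The two checks above, combined into one WP-CLI script. This is an added example, not code from the advisory or from the plugin: it assumes the plugin's main file is `ultimate-addons-for-gutenberg/ultimate-addons-for-gutenberg.php` and that `PUBLIC_LISTING_URL` is a page on your own site containing one of the affected blocks; both are assumptions you should edit. The canary for each protected post is taken from the post itself, so the test also covers posts that have no hand-written excerpt.

```php
<?php
/**
 * Added example (not from the advisory or the plugin). Run from the WordPress root with:
 *   wp eval-file spectra-excerpt-check.php
 * Assumptions: plugin main file path below, and PUBLIC_LISTING_URL is a page
 * on this site that contains a Spectra Post Grid / Masonry / Carousel / Timeline block.
 */

const FIXED_VERSION      = '2.19.18';
const PUBLIC_LISTING_URL = 'https://example.com/blog/'; // assumption: edit for your site

// 1. Version check: anything below 2.19.18 is in the affected range (<= 2.19.17).
function spectra_installed_version() {
    if ( ! function_exists( 'get_plugin_data' ) ) {
        require_once ABSPATH . 'wp-admin/includes/plugin.php';
    }
    // Assumed main file name for the ultimate-addons-for-gutenberg plugin.
    $main = WP_PLUGIN_DIR . '/ultimate-addons-for-gutenberg/ultimate-addons-for-gutenberg.php';
    if ( ! file_exists( $main ) ) {
        return null; // plugin not installed
    }
    $data = get_plugin_data( $main, false, false );
    return $data['Version'];
}

$version = spectra_installed_version();
if ( null === $version ) {
    WP_CLI::success( 'Spectra / Ultimate Addons for Gutenberg is not installed.' );
    return;
}
$affected = version_compare( $version, FIXED_VERSION, '<' );
$status   = $affected ? 'AFFECTED (update to ' . FIXED_VERSION . ' or later)' : 'patched';
WP_CLI::log( sprintf( 'Installed version %s: %s', $version, $status ) );

// 2. Black-box check: does the public listing page show the opening words of a
//    password-protected post to a visitor who has never entered the password?
$protected = get_posts( array(
    'has_password' => true,
    'post_status'  => 'publish',
    'numberposts'  => 10,
) );
if ( empty( $protected ) ) {
    WP_CLI::log( 'No published password-protected posts to test with.' );
    return;
}

// Fetch as an anonymous visitor: no cookies, so post_password_required() is true server-side.
$response = wp_remote_get( PUBLIC_LISTING_URL, array( 'cookies' => array(), 'timeout' => 20 ) );
if ( is_wp_error( $response ) ) {
    WP_CLI::error( 'Fetch failed: ' . $response->get_error_message() );
}
$html = html_entity_decode( wp_strip_all_tags( wp_remote_retrieve_body( $response ) ) );
$html = preg_replace( '/\s+/', ' ', $html ); // normalise whitespace before matching

$leaks = 0;
foreach ( $protected as $post ) {
    // Same source WordPress uses for an excerpt: the manual excerpt, else the body.
    $source = '' !== $post->post_excerpt ? $post->post_excerpt : $post->post_content;
    // Eight words is short enough to sit inside any reasonable excerpt length.
    $canary = wp_trim_words( wp_strip_all_tags( strip_shortcodes( $source ) ), 8, '' );
    if ( '' !== $canary && false !== stripos( $html, $canary ) ) {
        $leaks++;
        WP_CLI::warning( sprintf( 'Post %d ("%s") leaks its excerpt: "%s"', $post->ID, $post->post_title, $canary ) );
    }
}
WP_CLI::log( $leaks
    ? "$leaks protected post(s) exposed on " . PUBLIC_LISTING_URL
    : 'No protected excerpts found on ' . PUBLIC_LISTING_URL );
```

A clean run on a patched site prints "patched" and "No protected excerpts found"; on an affected site, each warning names a post whose opening words are being served to anonymous visitors. If a full-page cache sits in front of the site, purge the listing page first so the fetch reflects the current plugin code.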
What immediate steps should I take to mitigate this vulnerability?
Update the plugin (Ultimate Addons for Gutenberg / Spectra) to version 2.19.18 or later; that release adds the missing `post_password_required()` checks before excerpts are rendered, so unauthenticated visitors no longer receive excerpts of protected posts. If you cannot update immediately, remove or disable the blocks that display excerpts (Post Grid, Post Masonry, Post Carousel, Post Timeline) on public pages, or at least make sure they do not list password-protected posts, until the update is applied. After updating or changing the pages, purge any page cache so previously rendered excerpts are not served from stale copies. Version 2.19.18 also restricts REST API access to sensitive custom post types; review that change as part of the same update. [4]
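What the fix looks like in code. This is an added illustration, not the plugin's actual source: the `example_*` function names are hypothetical, but the shape matches the bug class the advisory describes, an excerpt helper that reads the post's fields directly, beside the hardened form that gates on `post_password_required()` before any excerpt text is derived.

```php
<?php
/**
 * Added illustration (not the plugin's code): vulnerable excerpt helper next to
 * the hardened version. Function names are hypothetical; the WordPress calls
 * (get_post, post_password_required, wp_trim_words, ...) are real core APIs.
 */

// BEFORE: builds the excerpt from post_excerpt / post_content with no password
// check, so any visitor sees the first words of a protected post wherever the
// calling block renders it. This is the pattern fixed in 2.19.18.
function example_excerpt_vulnerable( $post, $word_count = 55 ) {
    $post = get_post( $post );
    if ( ! $post ) {
        return '';
    }
    $text = '' !== $post->post_excerpt ? $post->post_excerpt : $post->post_content;
    $text = wp_strip_all_tags( strip_shortcodes( $text ) );
    return wp_trim_words( $text, $word_count, '&hellip;' );
}

// AFTER: post_password_required() is true unless the current visitor has already
// submitted the correct password (core checks the wp-postpass_* cookie), which is
// exactly the condition that decides whether the content is theirs to see.
function example_excerpt_hardened( $post, $word_count = 55 ) {
    $post = get_post( $post );
    if ( ! $post ) {
        return '';
    }
    if ( post_password_required( $post ) ) {
        // Same placeholder WordPress core's get_the_excerpt() returns for protected posts.
        return __( 'There is no excerpt because this is a protected post.' );
    }
    $text = '' !== $post->post_excerpt ? $post->post_excerpt : $post->post_content;
    $text = wp_strip_all_tags( strip_shortcodes( $text ) );
    return wp_trim_words( $text, $word_count, '&hellip;' );
}

// The same gate at the render site of a block that loops over query results:
// check before calling any excerpt helper, and emit nothing rather than a hint.
function example_render_excerpt( $post, $word_count = 55 ) {
    if ( post_password_required( $post ) ) {
        return '';
    }
    return '<p class="example-excerpt">' . esc_html( example_excerpt_hardened( $post, $word_count ) ) . '</p>';
}
```

Putting the check in both places is deliberate: the helper protects every caller that forgets to check, and the render-site check avoids printing even the placeholder text where the block should simply stay quiet. A visitor who has entered the password keeps seeing the excerpt, because `post_password_required()` returns false for them.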