Description
WordPress Plugin Global Content Blocks is prone to multiple security vulnerabilities, including a remote PHP code execution vulnerability and multiple information disclosure vulnerabilities. Successful exploits of these issues may allow remote attackers to execute arbitrary malicious PHP code in the context of the application or obtain potentially sensitive information. WordPress Plugin Global Content Blocks version 1.5.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.5.2 or latest
References
Related Vulnerabilities
WordPress Plugin Quick Buy For Woocommerce Arbitrary File Disclosure (2.0)
Drupal Core 9.1.x Arbitrary File Overwrite (9.1.0 - 9.1.2)
WordPress Plugin Woocommerce Payment Gateway per Category Cross-Site Scripting (2.0.10)
WordPress Plugin BuddyPress Customer.io Analytics Integration Cross-Site Request Forgery (1.1.6)