CVE-2026-10780 | mohammadtanzilurrahman Static Block Plugin up to 2.2 on WordPress Shortcode static_block_content ID authorization

Inserito da Angelo Barbosa | Giu 16, 2026 | CVE

A vulnerability has been found in mohammadtanzilurrahman Static Block Plugin up to 2.2 on WordPress and classified as problematic. Impacted is the function static_block_content of the component Shortcode Handler. The manipulation of the argument ID leads to authorization bypass.

This vulnerability is referenced as CVE-2026-10780. Remote exploitation of the attack is possible. No exploit is available.

CVE-2026-10780 | mohammadtanzilurrahman Static Block Plugin up to 2.2 on WordPress Shortcode static_block_content ID authorization

Post correlati

CVE-2025-62259 | Liferay Portal/DXP API authorization

CVE-2024-51122 | Zertificon Z1 SecureMail Z1 CertServer 3.16.4-2516-debian12 ST/L/O/OU/CN cross site scripting

CVE-2024-3140 | SourceCodester Computer Laboratory Management System 1.0 Users.php middlename cross site scripting

CVE-2025-24477 | Fortinet FortiOS up to 7.2.11/7.4.7/7.6.1 cw_stad Daemon heap-based overflow (FG-IR-25-026)