A vulnerability was found in stellarwp Kadence Blocks Plugin up to 3.5.32. It has been classified as critical. Affected by this issue is the function get_items_permission_check of the component REST API Endpoint. This manipulation causes improper authorization.

The identification of this vulnerability is CVE-2026-15286. It is possible to initiate the attack remotely. There is no exploit available.