Block Logic Plugin Vulnerability

We found quite a serious vulnerability in the Block Logic plugin, which has been responsibly disclosed. The vulnerability would allow anyone with a contributor (or higher) user account to run their own PHP code on the server, which we demonstrated would allow them to upgrade their user account to administrator.

As a result, the plugin was temporarily closed on the WordPress repository on 18th March 2025 whilst the plugin developers resolve the issue.
