[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$frjlKfzZ_ExxvNRY-t5o42VsIl6IJErxzp1uZAjW49Uc":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-08c957fb-05e8-489e-846e-1afb0ca6750f-photoblocks-grid-gallery","gallery-photoblocks-missing-authorization-checks","Gallery PhotoBlocks \u003C= 1.2.8 - Missing Authorization Checks","The Gallery PhotoBlocks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including 1.2.8 due to missing capability checks on the init() function found in the ~\u002Fadmin\u002Fclass-photoblocks-admin.php file. This makes it possible for authenticated users with minimal permissions, such as a subscriber, to delete and clone gallery photoblocks.","photoblocks-grid-gallery",null,"\u003C=1.2.8","1.2.9","medium",5.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:L","Missing Authorization","2022-08-17 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F08c957fb-05e8-489e-846e-1afb0ca6750f?source=api-prod",524]