{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11879", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-16T17:39:33.643Z", "datePublished": "2025-10-25T05:31:21.144Z", "dateUpdated": "2026-04-08T16:56:17.656Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:56:17.656Z"}, "affected": [{"vendor": "edge22", "product": "GenerateBlocks", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.1.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The GenerateBlocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_option_rest' function in all versions up to, and including, 2.1.1. This makes it possible for authenticated attackers, with contributor level access and above, to read arbitrary WordPress options, including sensitive information such as SMTP credentials, API keys, and other data stored by other plugins."}], "title": "GenerateBlocks <= 2.1.1 - Improper Authorization to Authenticated (Contributor+) Arbitrary Options Disclosure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f1ba1c7-de88-4070-a4ec-fbe4a0c30920?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L78"}, {"url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L356"}, {"url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L19"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-285 Improper Authorization", "cweId": "CWE-285", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lucas Montes"}], "timeline": [{"time": "2025-10-11T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-10-16T21:23:23.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-10-24T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-27T15:51:27.362971Z", "id": "CVE-2025-11879", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-27T15:51:35.186Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11879", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-27T15:51:27.362971Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-27T15:51:31.634Z"}}], "cna": {"title": "GenerateBlocks <= 2.1.1 - Improper Authorization to Authenticated (Contributor+) Arbitrary Options Disclosure", "credits": [{"lang": "en", "type": "finder", "value": "Lucas Montes"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "edge22", "product": "GenerateBlocks", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.1.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-11T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-10-16T21:23:23.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-10-24T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f1ba1c7-de88-4070-a4ec-fbe4a0c30920?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L78"}, {"url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L356"}, {"url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L19"}], "descriptions": [{"lang": "en", "value": "The GenerateBlocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_option_rest' function in all versions up to, and including, 2.1.1. This makes it possible for authenticated attackers, with contributor level access and above, to read arbitrary WordPress options, including sensitive information such as SMTP credentials, API keys, and other data stored by other plugins."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "CWE-285 Improper Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-10-25T05:31:21.144Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11879", "state": "PUBLISHED", "dateUpdated": "2025-10-27T15:51:35.186Z", "dateReserved": "2025-10-16T17:39:33.643Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-10-25T05:31:21.144Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The GenerateBlocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_option_rest' function in all versions up to, and including, 2.1.1. This makes it possible for authenticated attackers, with contributor level access and above, to read arbitrary WordPress options, including sensitive information such as SMTP credentials, API keys, and other data stored by other plugins."}], "id": "CVE-2025-11879", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-10-25T06:15:35.490", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L19"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L356"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/generateblocks/tags/2.1.1/includes/class-meta-handler.php#L78"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5f1ba1c7-de88-4070-a4ec-fbe4a0c30920?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T12:38:00.779268+00:00", "value": {"mitigation_remediation": ["Upgrade GenerateBlocks to the latest version that includes the missing capability check.", "If an upgrade cannot be performed immediately, add a manual capability check to the get_option_rest function or block the endpoint for non-administrator roles.", "Rotate all potentially exposed credentials (SMTP, API keys, etc.) that could have been read by compromised user accounts.", "Consider restricting the REST API or implementing additional access controls to limit exposure to sensitive options."], "summary": {"action": "Patch Immediately", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "All instances of the GenerateBlocks WordPress plugin up to and including version 2.1.1 are affected. Any WordPress site that has installed this plugin version is at risk, regardless of theme or other plugins. The issue does not affect newer releases beyond 2.1.1. The impact is limited to sites running the vulnerable plugin version.", "description_and_impact": "The vulnerability resides in an improperly performed authorization check inside the GenerateBlocks plugin for WordPress. A missing capability test on the get_option_rest function allows authenticated users who possess Contributor or higher roles to read any WordPress option value via the REST API. This can expose sensitive data such as SMTP credentials, API keys, and other configuration values stored by WordPress or other plugins. The weakness is classified as CWE-285 (Improper Authorization).", "risk_and_exploitability": "The CVSS score of 6.5 indicates a moderate severity. The EPSS score of less than 1% suggests a very low likelihood that this vulnerability will be actively exploited in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to have a valid WordPress account with Contributor or higher privileges. Once authenticated, the attacker can issue a REST request to the get_option_rest endpoint and retrieve arbitrary option data, including potentially confidential credentials. The lack of a mandatory ability check is the only identified prerequisite for exploitation."}}}}, "created": "2025-10-27T22:10:15.207349+00:00", "updated": "2026-04-22T12:45:17.024346+00:00", "vendors": ["generateblocks", "generateblocks$PRODUCT$generateblocks", "wordpress", "wordpress$PRODUCT$wordpress"]}