WordPress Plugin Vulnerabilities

Kadence Blocks – Gutenberg Blocks for Page Builder Features < 3.5.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via `redirectURL` Parameter

Description

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ parameter in all versions up to, and including, 3.5.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Affects Plugins

Plugin icon
kadence-blocks
Fixed in 3.5.11

References

CVE
CVE-2025-5678
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/fc712f6b-f11b-4731-8f89-0044830400d6

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.4 (medium)

Miscellaneous

Original Researcher
Asaf Mozes
Verified
No
WPVDB ID
c96a0bfa-5b07-48d3-9827-9e6964c8e52f

Timeline

Publicly Published
2025-07-08 (about 10 months ago)
Added
2025-07-09 (about 10 months ago)
Last Updated
2025-07-09 (about 10 months ago)

Other

Published
Title
Published
2023-02-22
Title
WPB Advanced FAQ <= 1.0.6 - Contributor+ Stored XSS
Published
2024-06-22
Title
WP eMember < 10.6.6 - Bulk Delete via CSRF
Published
2015-01-06
Title
WP SlimStat <= 3.9.1 - Cross-Site Scripting (XSS)
Published
2024-04-30
Title
Freesia Empire < 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-09-11
Title
WooCommerce Fortnox Integration < 4.5.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting