GreenShift – Animation and Page Builder Blocks < 12.6.1 – Missing Authorization to Authenticated (Subscriber+) Information Disclosure of AI API Keys and Stored Cross-Site Scripting via custom_css | CVE 2026-1927 | Plugin Vulnerabilities

Description

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the greenshift_app_pass_validation() function in all versions up to, and including, 12.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve global plugin settings including stored AI API keys and modify plugin settings, including the injection of arbitrary web scripts via the 'custom_css' value (stored XSS). NOTE: This vulnerability was partially patched in version 12.6.

Affects Plugins

greenshift-animation-and-page-builder-blocks

Fixed in 12.6.1

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/6e2128db-ca9f-4211-8bc5-01a2cc1cba64

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

ISMAILSHADOW

Verified

No

WPVDB ID

d11c139a-6854-4371-bd06-f8b451e704e3

Timeline

Publicly Published

2026-02-05 (about 3 months ago)

Added

2026-02-05 (about 3 months ago)

Last Updated

2026-03-03 (about 2 months ago)

Other

Published

Title

Published

2026-01-06

Title

EduBlink <= 2.0.7 - Missing Authorization

Published

2025-04-22

Title

Premmerce Wholesale Pricing for WooCommerce < 1.1.11 - Missing Authorization

Published

2025-09-25

Title

Email marketing for WordPress by GetResponse Official < 1.5.4 - Missing Authorization

Published

2022-11-28

Title

Directorist < 7.4.4 - Subscriber+ Sensitive Information Disclosure

Published

2025-12-15

Title

FileBird – WordPress Media Library Folders & File Manager < 6.5.2 - Missing Authorization to Authenticated (Author+) Global Folders Tampering