What the vulnerability does
01Description
Missing Authorization vulnerability in Seerox Easy Blocks pro easy-blocks-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Easy Blocks pro: from n/a through <= 1.0.21.
CVE-2024-54256
HIGH
CVE-2024-54256: WordPress Easy Blocks pro plugin <= 1.0.21 - Broken Access Control vulnerability
CVSS base score
7.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Key dates
02Disclosure timeline
December 13, 2024
CVE published
May 12, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-48683
CVE-2025-12887 Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.1 - Missing Authorization to Authenticated (Subscriber+) OAuth Token Update
CVE-2025-49864 WordPress AFS Analytics plugin <= 4.21 - Broken Access Control Vulnerability
CVE-2021-41112 Missing Authorization in Rundeck
CVE-2024-32730 Missing authorization check in SAP Enable Now Manager
