CVE-2026-4658 | wpdevteam Gutenberg Essential Blocks Plugin up to 6.0.4 on WordPress render_callback className/classHook/blockId cross site scripting

A vulnerability categorized as problematic has been discovered in wpdevteam Gutenberg Essential Blocks Plugin up to 6.0.4 on WordPress. This affects the function render_callback. Executing a manipulation of the argument className/classHook/blockId can lead to cross site scripting.

This vulnerability is tracked as CVE-2026-4658. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More