Spectra — Vulnerabilities & Security Advisories 12

All 12 CVE vulnerabilities found in Spectra, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE ID	Title	CVSS	Severity	Paused
CVE-2026-24982	WordPress Spectra plugin <= 2.19.17 - Broken Access Control vulnerability CWE-862	8.1^AI	High^AI	2026-02-03
CVE-2023-23729	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Contributor+ reCAPTCHA Settings Change Vulnerability CWE-862	5.4	Medium	2025-12-09
CVE-2023-23825	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability CWE-862	3.1	Low	2024-12-09
CVE-2023-23834	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Activate_Plugin vulnerability CWE-862	4.3	Medium	2024-12-09
CVE-2024-37517	WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerability CWE-862	4.3	Medium	2024-11-01
CVE-2024-7590	WordPress Spectra plugin<= 2.14.1 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-08-12
CVE-2023-36676	WordPress Spectra plugin <= 2.6.6 - Broken Access Control vulnerability CWE-862	5.4	Medium	2024-06-19
CVE-2023-23738	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Unauthenticated Email Spoofing Vulnerability CWE-74	5.3	Medium	2024-06-03
CVE-2023-23735	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Unauthenticated Email HTML Injection Vulnerability CWE-80	5.3	Medium	2024-06-03
CVE-2023-23730	WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Captcha Bypass Vulnerability CWE-307	5.3	Medium	2024-06-03
CVE-2023-36679	WordPress Spectra plugin <= 2.6.6 - Server Side Request Forgery (SSRF) vulnerability CWE-918	7.1	High	2024-03-28
CVE-2020-36656	Spectra < 1.15.0 - Contributor+ Stored Cross-Side Scripting	5.4	-	2023-02-21

All 12 known CVE vulnerabilities affecting Spectra with full Chinese analysis, references, and POCs where available.