Atomic Edge analysis of CVE-2026-2633:
The Gutenberg Blocks with AI by Kadence WP plugin, versions up to and including 3.6.1, contains a missing authorization vulnerability. The flaw allows authenticated users with at least Contributor-level permissions to upload arbitrary images from remote URLs to the WordPress Media Library, bypassing the standard WordPress capability model that restricts file uploads to users with the `upload_files` capability.

Atomic Edge research identifies the root cause in the `process_image_data_ajax_callback()` function within the `class-kadence-blocks-prebuilt-library.php` file. The function handles the `kadence_import_process_image_data` AJAX action. The existing authorization check, performed by the `verify_ajax_call()` method, only validates the `edit_posts` capability. This check is insufficient because it fails to also verify the `upload_files` capability, which WordPress core requires for media library uploads. The vulnerability exists because the function’s logic proceeds to download and process images without this critical capability check.

An attacker exploits this vulnerability by sending a crafted POST request to the WordPress `admin-ajax.php` endpoint. The request must include the `action` parameter set to `kadence_import_process_image_data`, a valid WordPress nonce, and the `import_content` or `image_library` parameters containing URLs to external images. A user with Contributor permissions, who normally cannot access the `wp-admin/upload.php` page or perform media uploads, can use this AJAX action to force the server to download and store remote images.

The patch, applied in version 3.6.2, adds a direct capability check for `upload_files` within the `process_image_data_ajax_callback()` function. The diff for `class-kadence-blocks-prebuilt-library.php` shows the addition of three lines after the call to `verify_ajax_call()`. The new code checks `if ( ! current_user_can( 'upload_files' ) )` and returns a JSON error if the check fails. This change enforces the proper WordPress capability requirement before any image processing occurs, aligning the endpoint's permissions with core WordPress media upload functionality.

Successful exploitation allows a Contributor-level attacker to populate the site’s media library with arbitrary images from external sources. This can lead to unauthorized storage consumption, potential server-side request forgery (SSRF) if internal URLs are targeted, and the hosting of malicious or inappropriate content. The attack bypasses the intended WordPress security model, granting upload privileges to users who should not possess them.
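The following is an added illustration, not the plugin's own code, of the authorization gap described above and of the shape of the 3.6.2 fix: a minimal `admin-ajax.php` handler that mirrors the pre-patch check (nonce plus `edit_posts` only), beside a hardened version that also requires `upload_files` and validates the remote URL before fetching it. Function, action and nonce names are hypothetical.

```php
<?php
// Added example (not Kadence's code). Loads the admin helpers media_sideload_image() needs
// when this file is exercised outside a normal admin-ajax.php request.
require_once ABSPATH . 'wp-admin/includes/file.php';
require_once ABSPATH . 'wp-admin/includes/image.php';
require_once ABSPATH . 'wp-admin/includes/media.php';

// Shared fetch step: downloads the remote image into the Media Library and answers as JSON.
function example_sideload_and_respond( $url ) {
    $id = media_sideload_image( $url, 0, null, 'id' );
    if ( is_wp_error( $id ) ) {
        wp_send_json_error( $id->get_error_message(), 500 );
    }
    wp_send_json_success( array( 'attachment_id' => $id ) );
}

// BEFORE: a valid nonce and edit_posts are the only gate. Contributors hold edit_posts,
// so they reach the download step even though WordPress core requires upload_files for uploads.
function example_process_image_vulnerable() {
    check_ajax_referer( 'example_image_nonce', 'security' );
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( 'Insufficient permissions', 403 );
    }
    $url = isset( $_POST['image_url'] ) ? esc_url_raw( wp_unslash( $_POST['image_url'] ) ) : '';
    example_sideload_and_respond( $url );
}

// AFTER: the same handler with the check the patch adds (upload_files), plus a URL check that
// rejects non-http(s) schemes and literal loopback/private addresses to reduce the SSRF surface.
function example_process_image_hardened() {
    check_ajax_referer( 'example_image_nonce', 'security' );
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( 'Insufficient permissions', 403 );
    }
    if ( ! current_user_can( 'upload_files' ) ) { // the capability core uses for media uploads
        wp_send_json_error( 'Insufficient permissions', 403 );
    }
    $url = isset( $_POST['image_url'] ) ? esc_url_raw( wp_unslash( $_POST['image_url'] ) ) : '';
    if ( '' === $url || false === wp_http_validate_url( $url ) ) {
        wp_send_json_error( 'Invalid image URL', 400 );
    }
    example_sideload_and_respond( $url );
}

// Register only the hardened handler; the vulnerable one is shown for contrast.
add_action( 'wp_ajax_example_process_image', 'example_process_image_hardened' );
```

`wp_http_validate_url()` only rejects private ranges given as literal IPs, so a hostname that resolves to an internal address still passes; treat it as a first filter, not a complete SSRF control.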