Two vulnerabilities in the site-building plugin could be useful tools in the hands of a skilled attacker, researchers warned. They could allow arbitrary plugin installation, post deletions and access to potentially sensitive information about a sites configuration. The Gutenberg Template Library & Redux Framework plugin for WordPress is installed on more than 1 million websites. The plugin, from developer Redux.io, offers various templates and building blocks for creating web pages within WordPress Gutenberg editor: The first bug (CVE-2021-38312) rates 7.1 out of 10 on CVSS scale, making it high-severity.”]
Source: https://threatpost.com/gutenberg-template-library-redux-bugs-wordpress/169111/