A vulnerability described as problematic has been identified in edge22 GenerateBlocks Plugin up to 2.2.0 on WordPress. The affected element is an unknown function of the file /wp-json/generateblocks/v1/dynamic-tag-replacements of the component REST Endpoint . Executing a manipulation of the argument ID can lead to authorization bypass. The identification of this vulnerability is CVE-2026-3454 . The attack may be launched remotely. There is no exploit available.