CVE-2026-2589: The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure
mediumvulnerabilityLLM-Specific
security
Summary
The Greenshift plugin for WordPress (used to create animations and page builder blocks) has a vulnerability where automated backup files are stored in a publicly accessible location, allowing attackers to read sensitive API keys (for OpenAI, Claude, Google Maps, Gemini, DeepSeek, and Cloudflare Turnstile) without needing to log in. This affects all versions up to 12.8.3.
Vulnerability Details
CVSS Score
5.3(medium)
EPSS (30-day exploit probability)
EPSS: 0.0%
Classification
Attack Type
PII Leakage
Attack SophisticationTrivial
Impact (CIA+S)
confidentiality
AI Component TargetedAPI
Affected Vendors
OpenAIAnthropicGoogle
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-2589
First tracked: March 5, 2026 at 11:07 PM
Classified by LLM (prompt v3) · confidence: 92%