Logo
Logo

April 28, 2026

Breakdance 2.6.2 – Security Update

Breakdance 2.6.2 addresses a security vulnerability in the Design Library feature and includes a bug fix for the Gallery element.

Security Vulnerability

This update fixes an access control vulnerability in the Design Library’s public API endpoints. The vulnerability allowed unauthenticated users to bypass both Design Library password protection and WordPress post visibility settings (draft, private, password-protected) and retrieve content from non-published posts by making direct requests to the Design Library API endpoints.

This vulnerability only affects sites where the Design Library feature is enabled. The Design Library is disabled by default and must be manually activated by going to Breakdance > Settings > Design Library and enabling “Turn This Website Into a Design Set.”

Do you need to take immediate action?

Yes, if:

  • You have enabled “Turn This Website Into a Design Set” in your Breakdance settings
  • You have draft or private posts containing sensitive information
  • You have set a Design Library password that you expected to protect your content

No immediate action needed if:

  • You have not enabled the Design Library feature (this is the default state)
  • You have not created a Design Set from your site

At this time, we are not aware of this vulnerability being exploited in the wild. The vulnerability requires the Design Library feature to be explicitly enabled, which is not the default setting in Breakdance.

Bug Fix

  • Gallery lightbox now works when multiple Gallery elements are on the same page
    Experience the Breakdance difference.
    Upgrade your WordPress editing experience with Breakdance, the visual builder for WordPress that's both easy-to-use and exceptionally powerful.
    • Unlimited Sites
    • 60-day Money Back Guarantee
    • Premium Support
    • Only $199.99/Year
    Get Breakdance

    Experience the Breakdance difference.

    Get Breakdance

    Unlimited license.
    Unlimited websites.

    Get maximum flexibility with unlimited licensing and domain activations.

    60-day money back guarantee.
    No questions asked.

    Get your money back within 60 days of purchase, no questions asked. It's risk-free!

    Premium support.
    Get all the help you need.

    We offer premium support to ensure the ultimate customer experience.

    Just $199.99/year for
    unlimited sites.

    For a limited time, we're offering an unlimited site license for just $199.99/year. Buy now to lock in this price.

    Breakdance logo
    Upgrade your WordPress editing experience with Breakdance, the best visual website builder for WordPress.

    Overview

    Home Templates Pricing Breakdance Free Try Breakdance Live Customer Login

    Design Library

    All Templates 1-Click Complete Websites Section Libraries

    Vs The Competition

    Breakdance vs Elementor Breakdance vs Divi Breakdance vs The Block Editor

    For Power Users

    Element Studio Craft With Code Client Access Control

    General Features

    Total Creative Control Global Styles 145 Built-In Elements Superior Performance & SEO Popup Builder Form Builder Header Builder Mega Menu Builder

    WooCommerce

    WooCommerce Overview Templating Product Pages Product Loop Builder Shop Filters Elements Cart & Checkout Pages

    Dynamic Data

    Dynamic Data Overview Post Loop Builder Term Loop Builder Conditional Element Display Repeater Fields Search & Filter

    Get Help

    Video Tutorials Documentation Contact Us Frequently Asked Questions

    Community

    Website Showcase Hire An Expert Facebook User Group

    Company

    Updates Blog About Us Brand Assets Affiliate Program Legal Terms & Privacy
    We ❤️ WordPress. Our plugin stack »
    © Soflyy. All rights reserved