--- /data/pruva/runs/c20a7fcc-5f55-4752-bfdb-af7da0b425ed/bundle/repro/_build/fixed_out/blocksy-companion-pro/framework/premium/features/code-editor.php 2026-07-05 10:16:32.948559925 +0000 +++ /data/pruva/runs/c20a7fcc-5f55-4752-bfdb-af7da0b425ed/bundle/repro/_build/vuln_out/blocksy-companion-pro/framework/premium/features/code-editor.php 2026-07-05 10:16:33.150006046 +0000 @@ -45,10 +45,7 @@ return ''; } - if (empty($block->parsed_block['ct_allow_code_editor'])) { - return ''; - } - + // CVE-2026-57624 reproduction: 'ct_allow_code_editor' execution-context guard (added in 2.1.47) removed to restore the vulnerable <=2.1.46 render_callback state. if (! empty($content)) { $inline_code = str_replace( '
',