| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-9655 | Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Widget | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-11-01 07:33:30 | Deep Dive |
| CVE-2024-50429 | WordPress Magazine Blocks plugin <= 1.3.15 - Cross Site Scripting (XSS) vulnerability | BlockArt | Magazine Blocks | Medium | 6.5 | 2024-10-28 18:23:41 | Deep Dive |
| CVE-2024-50432 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.2.93 - Cross Site Scripting (XSS) vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2024-10-28 18:17:12 | Deep Dive |
| CVE-2024-50441 | WordPress Cozy Blocks plugin <= 2.0.15 - Cross Site Scripting (XSS) vulnerability | CozyThemes | Cozy Blocks | Medium | 6.5 | 2024-10-28 18:03:49 | Deep Dive |
| CVE-2024-50502 | WordPress Cozy Blocks plugin <= 2.0.18 - Cross Site Scripting (XSS) vulnerability | CozyThemes | Cozy Blocks | Medium | 6.5 | 2024-10-28 12:42:50 | Deep Dive |
| CVE-2024-49690 | WordPress Qi Blocks plugin <= 1.3.2 - Local File Inclusion vulnerability | Qode | Qi Blocks | High | 7.5 | 2024-10-23 15:16:41 | Deep Dive |
| CVE-2024-49261 | WordPress Arkhe Blocks plugin <= 2.23.0 - Cross Site Scripting (XSS) vulnerability | Ryo | Arkhe Blocks | Medium | 6.5 | 2024-10-17 19:32:09 | Deep Dive |
| CVE-2024-48036 | WordPress SKT Blocks plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability | sonalsinha21 | SKT Blocks | Medium | 6.5 | 2024-10-17 12:21:05 | Deep Dive |
| CVE-2024-49270 | WordPress Smart Blocks plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability | hashthemes | Smart Blocks | Medium | 6.5 | 2024-10-16 13:50:00 | Deep Dive |
| CVE-2021-4450 | Post Grid <= 2.1.12 - Contributor+ SQL Injection | pickplugins | Post Grid | High | 8.8 | 2024-10-16 06:43:38 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8760 | Stackable – Page Builder Gutenberg Blocks <= 3.13.6 - Unauthenticated CSS Injection | bfintal | Stackable – Page Builder Gutenberg Blocks | Medium | 5.3 | 2024-10-12 08:41:04 | Deep Dive |
| CVE-2024-9234 | GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload | ataurr | GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor | Critical | 9.8 | 2024-10-11 06:50:20 | Deep Dive |
| CVE-2024-9074 | Advanced Blocks Pro <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | essamamdani | Advanced Blocks Pro | Medium | 6.4 | 2024-10-10 02:06:14 | Deep Dive |
| CVE-2024-47340 | WordPress ComboBlocks plugin <= 2.2.89 - Cross Site Scripting (XSS) vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2024-10-06 10:51:25 | Deep Dive |
| CVE-2024-47355 | WordPress Cozy Blocks plugin <= 2.0.11 - Cross Site Scripting (XSS) vulnerability | CozyThemes | Cozy Blocks | Medium | 6.5 | 2024-10-06 10:19:01 | Deep Dive |
| CVE-2024-47368 | WordPress Premium Blocks plugin <= 2.1.33 - Cross Site Scripting (XSS) vulnerability | Leap13 | Premium Blocks – Gutenberg Blocks for WordPress | Medium | 6.5 | 2024-10-06 09:42:50 | Deep Dive |
| CVE-2024-47385 | WordPress Essential Blocks plugin <= 4.8.4 - Cross Site Scripting (XSS) vulnerability | WPDeveloper | Essential Blocks for Gutenberg | Medium | 6.5 | 2024-10-05 14:51:56 | Deep Dive |
| CVE-2024-47627 | WordPress WP Travel Gutenberg Blocks plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability | WP Travel | WP Travel Gutenberg Blocks | Medium | 6.5 | 2024-10-05 13:30:16 | Deep Dive |
| CVE-2024-9372 | WP Blocks Hub <= 1.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | wpblockshub | WP Blocks Hub | Medium | 6.4 | 2024-10-04 02:04:52 | Deep Dive |