| CVE-2024-9218 | Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid <= 1.3.14 - Reflected Cross-Site Scripting | wpblockart | Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid | Medium | 6.1 | 2024-10-02 08:31:51 | Deep Dive |
| CVE-2024-8536 | Ultimate Blocks < 3.2.2 - Contributor+ Stored XSS | Unknown | Ultimate Blocks | 中危 | - | 2024-09-30 06:00:07 | Deep Dive |
| CVE-2024-9073 | GutenGeek Free Gutenberg Blocks for WordPress <= 1.1.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | wpopal | GutenGeek Free Gutenberg Blocks for WordPress | Medium | 6.4 | 2024-09-25 02:05:27 | Deep Dive |
| CVE-2024-44049 | WordPress Gutenberg Blocks – Unlimited blocks For Gutenberg plugin <= 1.2.8 - Authenticated Cross Site Scripting (XSS) vulnerability | ThemeHunk | Gutenberg Blocks | Medium | 6.5 | 2024-09-17 22:59:22 | Deep Dive |
| CVE-2024-44051 | WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability | Johan van der Wijk | Content Blocks (Custom Post Widget) | Medium | 6.5 | 2024-09-17 22:19:17 | Deep Dive |
| CVE-2024-44059 | WordPress Custom Query Blocks plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability | Ronald Huereca | Custom Query Blocks | Medium | 6.5 | 2024-09-15 08:10:44 | Deep Dive |
| CVE-2024-8253 | Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Authenticated (Subscriber+) Privilege Escalation | pickplugins | Post Grid and Gutenberg Blocks | High | 8.8 | 2024-09-11 03:31:08 | Deep Dive |
| CVE-2024-8241 | Nova Blocks by Pixelgrade <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute | pixelgrade | Nova Blocks by Pixelgrade | Medium | 6.4 | 2024-09-10 09:30:19 | Deep Dive |
| CVE-2024-8318 | Attributes for Blocks <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via attributesForBlocks Parameter | skadev | Attributes for Blocks | Medium | 6.4 | 2024-09-04 07:31:29 | Deep Dive |
| CVE-2024-8325 | Gutenberg Page Builder Blocks & Ready-Made Patterns Library <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | blockspare | BlockSpare — News, Magazine and Blog Addons for (Gutenberg) Block Editor | Medium | 6.4 | 2024-09-04 05:31:00 | Deep Dive |
| CVE-2024-43946 | WordPress SKT Blocks plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability | SKT Themes | SKT Blocks – Gutenberg based Page Builder | Medium | 6.5 | 2024-08-29 18:03:13 | Deep Dive |
| CVE-2024-7132 | CoBlocks < 3.1.13 - Editor+ Stored XSS | Unknown | Page Builder Gutenberg Blocks | - | - | 2024-08-29 06:00:03 | Deep Dive |
| CVE-2024-7418 | The Post Grid <= 7.7.11 - Authenticated (Contributor+) Information Disclosure | techlabpro1 | The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid | Medium | 4.3 | 2024-08-29 03:52:58 | Deep Dive |
| CVE-2024-43284 | WordPress WP Travel Gutenberg Blocks plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability | WP Travel | WP Travel Gutenberg Blocks | Medium | 6.5 | 2024-08-18 21:15:19 | Deep Dive |
| CVE-2024-43308 | WordPress Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability | Gutentor | Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor | Medium | 6.5 | 2024-08-18 14:19:06 | Deep Dive |
| CVE-2024-43335 | WordPress Responsive Blocks – WordPress Gutenberg Blocks plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability | CyberChimps | Responsive Blocks – WordPress Gutenberg Blocks | Medium | 6.5 | 2024-08-18 13:39:57 | Deep Dive |
| CVE-2024-43349 | WordPress All Bootstrap Blocks plugin <= 1.3.19 - Cross Site Scripting (XSS) vulnerability | all_bootstrap_blocks | All Bootstrap Blocks | Medium | 6.5 | 2024-08-18 13:12:26 | Deep Dive |
| CVE-2024-7588 | Gutenberg Blocks, Page Builder – ComboBlocks <= 2.2.87 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Block | pickplugins | Post Grid | Medium | 6.4 | 2024-08-14 04:29:55 | Deep Dive |
| CVE-2024-6884 | Gutenberg Blocks with AI by Kadence WP < 3.2.39 - Contributor+ Stored XSS | Unknown | Gutenberg Blocks with AI by Kadence WP | - | - | 2024-08-08 06:00:04 | Deep Dive |
| CVE-2024-7291 | JetFormBuilder <= 3.3.4.1 - Authenticated (Administrator+) Privilege Escalation | jetmonsters | JetFormBuilder — Dynamic Blocks Form Builder | High | 7.2 | 2024-08-03 06:41:40 | Deep Dive |