| CVE-2024-43946 | WordPress SKT Blocks plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability | SKT Themes | SKT Blocks – Gutenberg based Page Builder | Medium | 6.5 | 2024-08-29 18:03:13 | Deep Dive |
| CVE-2024-7132 | CoBlocks < 3.1.13 - Editor+ Stored XSS | Unknown | Page Builder Gutenberg Blocks | - | - | 2024-08-29 06:00:03 | Deep Dive |
| CVE-2024-43308 | WordPress Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability | Gutentor | Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor | Medium | 6.5 | 2024-08-18 14:19:06 | Deep Dive |
| CVE-2024-7588 | Gutenberg Blocks, Page Builder – ComboBlocks <= 2.2.87 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Block | pickplugins | Post Grid | Medium | 6.4 | 2024-08-14 04:29:55 | Deep Dive |
| CVE-2024-6346 | Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks <= 2.2.85 - Authenticated (Contributor+) Stored Cross-Site Scripting via redirectURL Parameter of Date Countdown Widget | pickplugins | Post Grid | Medium | 6.4 | 2024-08-01 09:29:48 | Deep Dive |
| CVE-2024-4260 | CoBlocks < 3.1.12 - Contributor+ SSRF | Unknown | Page Builder Gutenberg Blocks | - | - | 2024-07-23 06:00:02 | Deep Dive |
| CVE-2024-5819 | Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.45 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via HTML Data Attributes | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-06-29 09:46:43 | Deep Dive |
| CVE-2024-6296 | Stackable – Page Builder Gutenberg Blocks <= 3.13.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | bfintal | Stackable – Page Builder Gutenberg Blocks | Medium | 6.4 | 2024-06-28 03:36:43 | Deep Dive |
| CVE-2024-5289 | Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps Widget | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-06-27 02:03:03 | Deep Dive |
| CVE-2024-35765 | WordPress Greenshift – animation and page builder blocks plugin <= 8.8.9.1 - Cross Site Scripting (XSS) vulnerability | Wpsoul | Greenshift – animation and page builder blocks | Medium | 6.5 | 2024-06-19 10:17:56 | Deep Dive |
| CVE-2024-4863 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-06-14 08:35:35 | Deep Dive |
| CVE-2024-4042 | Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel - Combo Blocks <= 2.2.80 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attribute | pickplugins | Post Grid | Medium | 6.4 | 2024-06-07 05:33:45 | Deep Dive |
| CVE-2024-1988 | Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks <= 2.2.80 - Authenticated (Contributor+) Stored Cross-Site Scripting | pickplugins | Post Grid | Medium | 6.4 | 2024-06-07 03:21:58 | Deep Dive |
| CVE-2024-4088 | Gutenberg Blocks and Page Layouts – Attire Blocks <= 1.9.2 - Missing Authorization | shafayat-alam | Gutenberg Blocks and Page Layouts – Attire Blocks | Medium | 4.3 | 2024-06-05 06:50:30 | Deep Dive |
| CVE-2024-2933 | Page Builder Gutenberg Blocks – CoBlocks <= 3.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Profiles | godaddy | Page Builder Gutenberg Blocks – CoBlocks | Medium | 6.4 | 2024-06-01 01:54:54 | Deep Dive |
| CVE-2024-4891 | Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 6.4 | 2024-05-18 04:30:53 | Deep Dive |
| CVE-2024-4208 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typer Effect | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-05-15 02:32:44 | Deep Dive |
| CVE-2024-3189 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 5.4 | 2024-05-15 02:32:43 | Deep Dive |
| CVE-2024-4209 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-05-11 01:56:00 | Deep Dive |
| CVE-2024-4481 | Gutenberg Blocks with AI by Kadence WP <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Link | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-05-10 06:44:58 | Deep Dive |