| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6636 | Greenshift – animation and page builder blocks <= 7.6.2 - Authenticated (Administrator+) Arbitrary File Upload | wpsoul | Greenshift – animation and page builder blocks | High | 7.2 | 2024-01-11 08:32:41 | Deep Dive |
| CVE-2023-51378 | WordPress Rise Blocks Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF) | Rise Themes | Rise Blocks – A Complete Gutenberg Page Builder | Medium | 5.4 | 2023-12-29 12:08:17 | Deep Dive |
| CVE-2023-4386 | Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via queries | wpdevteam | Essential Blocks Pro | High | 8.1 | 2023-10-20 07:29:28 | Deep Dive |
| CVE-2023-4402 | Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via products | wpdevteam | Essential Blocks Pro | High | 8.1 | 2023-10-20 06:35:11 | Deep Dive |
| CVE-2023-2083 | Essential Blocks <= 4.0.6 - Missing Authorization via save | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 4.3 | 2023-06-09 05:33:39 | Deep Dive |
| CVE-2023-2087 | Essential Blocks <= 4.0.6 - Cross-Site Request Forgery via save | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 4.3 | 2023-06-09 05:33:35 | Deep Dive |
| CVE-2023-2085 | Essential Blocks <= 4.0.6 - Missing Authorization via templates | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 4.3 | 2023-06-09 05:33:27 | Deep Dive |
| CVE-2023-2086 | Essential Blocks <= 4.0.6 - Missing Authorization via template_count | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 4.3 | 2023-06-09 05:33:25 | Deep Dive |
| CVE-2023-2084 | Essential Blocks <= 4.0.6 - Missing Authorization via get | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 4.3 | 2023-06-09 05:33:10 | Deep Dive |
| CVE-2023-0484 | Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks < 1.1.6 - Arbitrary Plugin Activation via CSRF | Unknown | Contact Form 7 Widget For Elementor Page Builder & Gutenberg Blocks | 中危 | - | 2023-03-27 15:37:28 | Deep Dive |
| CVE-2023-22707 | WordPress Greenshift – animation and page builder blocks Plugin <= 4.9.9 is vulnerable to Cross Site Scripting (XSS) | Wpsoul | Greenshift – animation and page builder blocks | Medium | 5.9 | 2023-03-27 14:05:48 | Deep Dive |