| CVE-2026-0718 | Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.5 - Missing Authorization to Limited Post Meta Modification | wpxpo | Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX | Medium | 5.3 | 2026-04-16 07:39:51 | Deep Dive |
| CVE-2026-1273 | PostX <= 5.0.8 - Authenticated (Administrator+) Server-Side Request Forgery via REST API Endpoints | wpxpo | Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX | High | 7.2 | 2026-03-04 01:21:59 | Deep Dive |
| CVE-2025-68605 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2025-12-24 13:10:48 | Deep Dive |
| CVE-2025-12980 | Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure | wpxpo | Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX | High | 7.5 | 2025-12-21 02:20:33 | Deep Dive |
| CVE-2025-63043 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Insecure Direct Object References (IDOR) vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 5.3 | 2025-12-18 16:45:08 | Deep Dive |
| CVE-2025-66058 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.17 - Broken Access Control vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2025-12-18 16:15:15 | Deep Dive |
| CVE-2025-62924 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.17 - Broken Access Control vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2025-10-27 01:33:59 | Deep Dive |
| CVE-2025-8722 | Content Views <= 4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Grid and List Widgets | pt-guy | Content Views – Post Grid & Filter, Recent Posts, Category Posts … (Shortcode, Gutenberg Blocks, and Widgets for Elementor) | Medium | 6.4 | 2025-09-06 03:22:35 | Deep Dive |
| CVE-2025-54007 | WordPress Post Grid and Gutenberg Blocks Plugin <= 2.3.11 - PHP Object Injection Vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | High | 8.8 | 2025-08-20 08:03:05 | Deep Dive |
| CVE-2024-13796 | Post Grid and Gutenberg Blocks – ComboBlocks <= 2.3.6 - Unauthenticated User Information Exposure | pickplugins | Post Grid | Medium | 5.3 | 2025-02-28 04:21:56 | Deep Dive |
| CVE-2024-13798 | Post Grid and Gutenberg Blocks – ComboBlocks <= 2.3.5 - Unauthenticated Paid Order Creation | pickplugins | Post Grid | Medium | 5.3 | 2025-02-22 04:21:16 | Deep Dive |
| CVE-2024-9636 | Post Grid and Gutenberg Blocks 2.2.85 - 2.3.3 - Unauthenticated Privilege Escalation | pickplugins | Post Grid and Gutenberg Blocks – ComboBlocks | Critical | 9.8 | 2025-01-15 09:25:54 | Deep Dive |
| CVE-2024-51928 | WordPress Blocks Post Grid plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability | Jakir Hasan | Blocks Post Grid | Medium | 6.5 | 2024-11-19 16:30:54 | Deep Dive |
| CVE-2024-10728 | PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation/Activation | wpxpo | Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX | High | 8.8 | 2024-11-16 04:29:15 | Deep Dive |
| CVE-2024-50432 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.2.93 - Cross Site Scripting (XSS) vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2024-10-28 18:17:12 | Deep Dive |
| CVE-2021-4450 | Post Grid <= 2.1.12 - Contributor+ SQL Injection | pickplugins | Post Grid | High | 8.8 | 2024-10-16 06:43:38 | Deep Dive |
| CVE-2024-47340 | WordPress ComboBlocks plugin <= 2.2.89 - Cross Site Scripting (XSS) vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2024-10-06 10:51:25 | Deep Dive |
| CVE-2024-9218 | Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid <= 1.3.14 - Reflected Cross-Site Scripting | wpblockart | Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid | Medium | 6.1 | 2024-10-02 08:31:51 | Deep Dive |
| CVE-2024-8253 | Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Authenticated (Subscriber+) Privilege Escalation | pickplugins | Post Grid and Gutenberg Blocks | High | 8.8 | 2024-09-11 03:31:08 | Deep Dive |
| CVE-2024-7418 | The Post Grid <= 7.7.11 - Authenticated (Contributor+) Information Disclosure | techlabpro1 | The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid | Medium | 4.3 | 2024-08-29 03:52:58 | Deep Dive |