Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Kadence Blocks — Page Builder Toolkit for Gutenberg Editor — Vulnerabilities & Security Advisories 23

All 23 CVE vulnerabilities found in Kadence Blocks — Page Builder Toolkit for Gutenberg Editor, with AI-generated Chinese analysis, references, and POCs.

Vendor: stellarwp

CVE IDTitleCVSSSeverityPublished
CVE-2026-2826 Kadence Blocks — Page Builder Toolkit for Gutenberg Editor <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media Upload CWE-862 4.3 Medium2026-04-04
CVE-2026-2633 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Missing Authorization to Authenticated (Contributor+) Unauthorized Media Upload CWE-862 4.3 Medium2026-02-18
CVE-2026-1857 Gutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' Parameter CWE-918 4.3 Medium2026-02-18
CVE-2026-2608 Gutenberg Blocks by Kadence Blocks <= 3.5.32 - Missing Authorization CWE-862 4.3 Medium2026-02-17
CVE-2025-5678 Kadence Blocks – Gutenberg Blocks for Page Builder Features <= 3.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via `redirectURL` Parameter CWE-79 6.4 Medium2025-07-09
CVE-2025-1291 Gutenberg Blocks by Kadence Blocks <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'icon' CWE-79 6.4 Medium2025-03-01
CVE-2024-12304 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.4.2 - Authenticated (contributor+) Stored Cross-Site Scripting via Button Link CWE-79 6.4 Medium2025-01-11
CVE-2024-12581 Kadence Blocks <= 3.2.53 - Authenticated (Admin+) Stored Cross-Site Scripting CWE-79 4.4 Medium2024-12-13
CVE-2024-10785 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-11-21
CVE-2024-9655 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Widget CWE-79 6.4 Medium2024-11-01
CVE-2024-5819 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.45 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via HTML Data Attributes CWE-79 6.4 Medium2024-06-29
CVE-2024-5289 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps Widget CWE-79 6.4 Medium2024-06-27
CVE-2024-4863 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.38 - Authenticated (Contributor+) Stored Cross-Site Scripting via titleFont Parameter CWE-79 6.4 Medium2024-06-14
CVE-2024-4208 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typer Effect CWE-79 6.4 Medium2024-05-15
CVE-2024-3189 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 5.4 Medium2024-05-15
CVE-2024-4209 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer CWE-79 6.4 Medium2024-05-11
CVE-2024-4481 Gutenberg Blocks with AI by Kadence WP <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Link CWE-79 6.4 Medium2024-05-10
CVE-2024-2273 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.34 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-05-02
CVE-2024-1999 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.25 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial Widget CWE-79 6.4 Medium2024-04-09
CVE-2023-6964 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.1.26 - Authenticated(Contributor+) Server-Side Request Forgery (SSRF) CWE-918 8.5 High2024-04-09
CVE-2024-0598 Gutenberg Blocks by Kadence Blocks <= 3.2.17 - Authenticated(Editor+) Stored Cross-Site Scripting via Contact Form Message Settings CWE-79 4.4 Medium2024-04-09
CVE-2024-2919 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via CountUp Widget CWE-79 6.4 Medium2024-04-04
CVE-2024-1541 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.23 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-03-13

All 23 known CVE vulnerabilities affecting Kadence Blocks — Page Builder Toolkit for Gutenberg Editor with full Chinese analysis, references, and POCs where available.