WordPress Blocksy plugin <= 2.1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via `blocksy_meta` Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via blocksymeta Fields vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Theme Blocksy versions = 2.1.30...

CVE-2025-55713 WordPress Blocksy Theme <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in creativethemeshq Blocksy blocksy allows Stored XSS.This issue affects Blocksy: from n/a through = 2.1.6...

CVE-2025-55713 WordPress Blocksy Theme <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6...

WordPress Blocksy Theme <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by savphill in WordPress Theme Blocksy versions = 2.1.6...

CVE-2025-47465 WordPress Blocksy <= 2.0.97 - Broken Access Control Vulnerability

Missing Authorization vulnerability in CreativeThemes Blocksy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blocksy: from n/a through 2.0.97...

WordPress Blocksy Theme <= 2.0.97 is vulnerable to Broken Access Control

Software Blocksy Type Theme Vulnerable versions = 2.0.97 Fixed in 2.0.98 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-47465 Patch priority Low CVSS severity Low 4.9 Developer Creative Themes PSID 62c34d0d694c Credits savphill Required privilege...

WordPress Blocksy Theme <= 2.0.22 is vulnerable to Cross Site Request Forgery (CSRF)

Software Blocksy Type Theme Vulnerable versions = 2.0.22 Fixed in 2.0.23 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37469 Patch priority Low CVSS severity Low 5.4 Developer Creative Themes PSID a4b7cfca4dc7 Credits RE-ALTER Required privileg...

WordPress Blocksy Theme <= 2.0.50 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.50 Fixed in 2.0.51 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5439 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 4b0639fc9299 Credits Ngô Thiên An ancorn Required...

WordPress Blocksy theme <= 2.0.46 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ngô Thiên An ancorn in WordPress Theme Blocksy versions = 2.0.46...

WordPress Blocksy Theme <= 2.0.46 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.46 Fixed in 2.0.47 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4943 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID b3bc385251a5 Credits Ngô Thiên An ancorn Required...

WordPress Blocksy Companion Plugin <= 2.0.45 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Companion Type Plugin Vulnerable versions = 2.0.45 Fixed in 2.0.46 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4487 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 47cc317dca12 Credits wesley wcraft Requir...

WordPress Blocksy Theme <= 2.0.42 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.42 Fixed in 2.0.43 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4158 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID b23a35db53be Credits Ngô Thiên An ancorn Required...

WordPress Blocksy Theme <= 2.0.39 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.39 Fixed in 2.0.40 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3747 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 3ec8e6a91460 Credits Ngô Thiên An ancorn Required...

WordPress Blocksy Theme <= 2.0.33 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.33 Fixed in 2.0.34 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32961 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 13e7c35a50d6 Credits Joshua Chan Required privilege Contributor...

WordPress Blocksy Companion Plugin <= 2.0.31 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Companion Type Plugin Vulnerable versions = 2.0.31 Fixed in 2.0.32 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2392 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID bbd31df0e8be Credits Ngô Thiên An ancorn...

WordPress Blocksy Theme <= 2.0.26 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.26 Fixed in 2.0.27 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1767 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 674c245c46ca Credits Ngô Thiên An ancorn Required...

WordPress Blocksy Theme <= 2.0.19 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.0.19 Fixed in 2.0.20 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24871 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 07c604dd56fb Credits savphill Required privilege Editor Published ...

WordPress Blocksy Companion Plugin < 1.8.82 is vulnerable to Sensitive Data Exposure

Software Blocksy Companion Type Plugin Vulnerable versions 1.8.82 Fixed in 1.8.82 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-1911 Patch priority Medium CVSS severity Medium 4.3 Developer Creative Themes PSID a9848e95cc61 Credits Erwan LR WPScan...

WordPress Blocksy Companion Plugin <= 1.8.67 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Companion Type Plugin Vulnerable versions = 1.8.67 Fixed in 1.8.68 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23898 Patch priority Low CVSS severity Low 5.5 Developer Creative Themes PSID 25ea86bf944f Credits Rafshanzani Suhada...