CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Blocksy WordPress theme versions through 2.1.6 are affected by an Improper neutralization of input during web page generation, resulting in Stored Cross-Site Scripting (XSS). The vulnerability affects the Blocksy frontend when handling user-supplied data without adequate escaping, per PT-2025-334...

5.9CVSS5.9AI score0.00047EPSS

Exploits0References1

Patchstack•added 2025/08/14 12:0 a.m.•4 views

WordPress Blocksy Theme <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Type Theme Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-55713 Patch priority Low CVSS severity Low 5.9 Developer Creative Themes PSID 05f50ffb9258 Credits savphill Required privilege Shop manager...

5.9CVSS6.9AI score0.00047EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/23 9:38 a.m.•8 views

CVE-2024-24871

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.19...

6.5CVSS6.8AI score0.00065EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:14 a.m.•2 views

CVE-2024-35633

Server-Side Request Forgery SSRF vulnerability in Creative Themes Blocksy Companion blocksy-companion.This issue affects Blocksy Companion: from n/a through = 2.0.42...

4.9CVSS5.9AI score0.00212EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 7:40 a.m.•4 views

CVE-2024-31382

Cross-Site Request Forgery CSRF vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.22...

8.8CVSS5.9AI score0.00187EPSS

Exploits0References1

Patchstack•added 2025/05/07 12:0 a.m.•4 views

WordPress Blocksy Theme <= 2.0.97 is vulnerable to Broken Access Control

Software Blocksy Type Theme Vulnerable versions = 2.0.97 Fixed in 2.0.98 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-47465 Patch priority Low CVSS severity Low 4.9 Developer Creative Themes PSID 62c34d0d694c Credits savphill Required privilege...

4.9CVSS6.6AI score0.00199EPSS

Exploits0References1Affected Software1

OSV•added 2025/01/02 12:15 p.m.•0 views

CVE-2024-37469

Cross-Site Request Forgery CSRF vulnerability in CreativeThemes Blocksy allows Cross Site Request Forgery.This issue affects Blocksy: from n/a through 2.0.22...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2024/06/03 10:15 a.m.•0 views

CVE-2024-35633

Server-Side Request Forgery SSRF vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through 2.0.42...

4.9CVSS5.8AI score

Exploits0References1

Patchstack•added 2024/05/13 12:0 a.m.•8 views

WordPress Blocksy Companion Plugin <= 2.0.45 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Companion Type Plugin Vulnerable versions = 2.0.45 Fixed in 2.0.46 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4487 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 47cc317dca12 Credits wesley wcraft Requir...

6.4CVSS5.8AI score0.00148EPSS

Exploits0References3Affected Software1

NVD•added 2024/04/25 10:15 a.m.•11 views

CVE-2024-32961

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.33...

6.5CVSS6.4AI score0.0021EPSS

Exploits0References2

Vulnrichment•added 2024/04/25 9:16 a.m.•19 views

CVE-2024-32961 WordPress Blocksy theme <= 2.0.33 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Creative Themes HQ Blocksy allows Stored XSS.This issue affects Blocksy: from n/a through 2.0.33...

6.5CVSS6.7AI score0.0021EPSS

Exploits0References1

Cvelist•added 2024/04/25 9:16 a.m.•16 views

CVE-2024-32961 WordPress Blocksy theme <= 2.0.33 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.33...

6.5CVSS6.6AI score0.0021EPSS

Exploits0References1

OSV•added 2024/04/15 11:15 a.m.•0 views

CVE-2024-31382

Cross-Site Request Forgery CSRF vulnerability in Creative Themes HQ Blocksy.This issue affects Blocksy: from n/a through 2.0.22...

8.8CVSS5.8AI score

Exploits0References1

NVD•added 2024/04/15 11:15 a.m.•8 views

CVE-2024-31382

Cross-Site Request Forgery CSRF vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.22...

8.8CVSS4.6AI score0.00187EPSS

Exploits0References2

Vulnrichment•added 2024/04/15 10:15 a.m.•13 views

CVE-2024-31382 WordPress Blocksy theme <= 2.0.22 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.22...

4.3CVSS5.1AI score0.00187EPSS

Exploits0References1

Cvelist•added 2024/04/15 10:15 a.m.•15 views

CVE-2024-31382 WordPress Blocksy theme <= 2.0.22 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.22...

4.3CVSS5AI score0.00187EPSS

Exploits0References1

CVE•added 2024/04/15 10:15 a.m.•59 views

CVE-2024-31382

CVE-2024-31382: CSRF in Blocksy (Creative Themes HQ Blocksy) affecting Blocksy versions up to and including 2.0.22. Connected sources confirm the issue is CSRF, but no exploit details or confirmed fixed version are provided in the supplied documents. remediation/fix version is not specified in th...

8.8CVSS5.9AI score0.00187EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by