Lucene search
K
WpdeveloperEssential Blocks*

16 matches found

CVE
CVE
added 2024/01/15 3:10 p.m.147 views

CVE-2023-6623

The CVE-2023-6623 entry corresponds to a Local File Inclusion vulnerability in the WordPress Essential Blocks plugin prior to version 4.4.3. Several connected sources confirm that unauthenticated attackers can overwrite local variables when rendering templates via the REST API, potentially enabli...

9.8CVSS9.2AI score0.50673EPSS
Web
CVE
CVE
added 2024/12/09 11:30 a.m.86 views

CVE-2023-47760

CVE-2023-47760 affects WordPress WPDeveloper Essential Blocks for Gutenberg. The vulnerability is a Missing Authorization/Broken Access Control in Essential Blocks for Gutenberg versions

8.8CVSS7.3AI score0.00385EPSS
CVE
CVE
added 2024/12/09 11:29 a.m.83 views

CVE-2023-51360

CVE-2023-51360 affects the WordPress plugin Essential Blocks for Gutenberg (vulnerable:

8.8CVSS5.7AI score0.00561EPSS
CVE
CVE
added 2025/03/08 11:16 a.m.83 views

CVE-2025-1664

CVE-2025-1664 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates . The vulnerability is a Stored Cross-Site Scripting via the Parallax slider in all versions up to 5.3.1 due to insufficient input sanitization and output escaping. Exploitation requi...

6.4CVSS5.7AI score0.00198EPSS
CVE
CVE
added 2024/04/19 2:34 a.m.70 views

CVE-2024-3818

CVE-2024-3818 affects the Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates WordPress plugin. The issue is a DOM-based stored XSS in the Social Icons block, arising from insufficient input sanitization/output escaping on user-supplied attributes. Affected versions include all...

5.4CVSS5.7AI score0.0034EPSS
CVE
CVE
added 2024/12/09 11:29 a.m.67 views

CVE-2023-51359

CVE-2023-51359 affects WPDeveloper Essential Blocks for Gutenberg (

8.8CVSS7.3AI score0.00563EPSS
CVE
CVE
added 2025/02/25 2:17 p.m.66 views

CVE-2025-26871

CVE-2025-26871 refers to a Missing Authorization vulnerability in Essential Blocks for Gutenberg (WP developers’ Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates). Affected versions are listed as from n/a through 4.8.3. The root cause is incorrectly configured access control...

8.8CVSS7.2AI score0.00375EPSS
CVE
CVE
added 2024/03/20 3:20 a.m.65 views

CVE-2024-2255

The CVE concerns the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. It describes a Stored XSS flaw in the plugin’s widgets due to insufficient input sanitization and output escaping on user-supplied attributes (e.g., listStyle) in versions up to 4.5.2. Ex...

6.4CVSS7.4AI score0.00559EPSS
CVE
CVE
added 2024/05/18 4:30 a.m.63 views

CVE-2024-4891

CVE-2024-4891 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. Root cause is insufficient input sanitization and output escaping in the tagName parameter, enabling Stored XSS. Impact requires authenticated access (contributor+) to inject scripts...

6.4CVSS5.7AI score0.00468EPSS
CVE
CVE
added 2023/10/20 6:35 a.m.61 views

CVE-2023-4402

The WordPress Essential Blocks plugin (versions up to and including 4.2.0) is affected by a PHP Object Injection via deserialization of untrusted input in the get_products/get_posts path. The vulnerability allows unauthenticated attackers to inject a PHP Object; exploitation may enable deletion o...

9.8CVSS9.4AI score0.0134EPSS
CVE
CVE
added 2024/06/09 10:49 a.m.59 views

CVE-2024-30467

CVE-2024-30467: Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg affects Essential Blocks for Gutenberg versions up to 4.4.9. Root cause is missing authorization checks on access to block functionality. Impact is high for confidentiality, integrity, and availabili...

8.8CVSS6.8AI score0.00409EPSS
CVE
CVE
added 2024/10/05 2:51 p.m.58 views

CVE-2024-47385

CVE-2024-47385 is a stored XSS in the WordPress plugin “Essential Blocks for Gutenberg” (WPDeveloper). Public details indicate the vulnerability affects versions up to and including 4.8.4; exploitation is via improper neutralization of input during web page generation. The patch is available in v...

6.5CVSS5.9AI score0.00241EPSS
CVE
CVE
added 2024/03/13 3:27 p.m.53 views

CVE-2024-1854

CVE-2024-1854 (WordPress plugin: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates) The vulnerability is a Stored XSS in the blockId parameter across all versions up to and including 4.5.1 of the Essential Blocks plugin for WordPress. The root cause is insufficient input sani...

6.4CVSS6.1AI score0.00427EPSS
CVE
CVE
added 2024/12/13 2:22 p.m.51 views

CVE-2022-47594

CVE-2022-47594 affects the WordPress plugin Essential Blocks for Gutenberg (

6.5CVSS5.1AI score0.00411EPSS
CVE
CVE
added 2024/04/07 5:42 p.m.50 views

CVE-2024-31306

CVE-2024-31306 : In the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks (WPDeveloper) there is a Stored XSS vulnerability due to improper input handling during web page generation, affecting versions up to 4.5.3 . The root cause is insufficient input neutralization when renderin...

6.5CVSS8.6AI score0.00385EPSS
CVE
CVE
added 2024/08/02 6:0 a.m.32 views

CVE-2024-5595

CVE-2024-5595 affects the WordPress plugin “Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates” (pre 4.7.0). Root cause: the plugin does not validate/escape certain block options before output, enablingStored XSS when the block is embedded in a page/post by users with Contribu...

5.4CVSS5.6AI score0.00417EPSS