Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
WpdeveloperEssential Blocks*

16 matches found

CVE
CVEadded 2024/01/15 3:10 p.m.137 views

CVE-2023-6623

The CVE-2023-6623 entry corresponds to a Local File Inclusion vulnerability in the WordPress Essential Blocks plugin prior to version 4.4.3. Several connected sources confirm that unauthenticated attackers can overwrite local variables when rendering templates via the REST API, potentially enabli...

9.8CVSS9.2AI score0.88125EPSS
Web
CVE
CVEadded 2024/12/09 11:30 a.m.85 views

CVE-2023-47760

CVE-2023-47760 affects WordPress WPDeveloper Essential Blocks for Gutenberg. The vulnerability is a Missing Authorization/Broken Access Control in Essential Blocks for Gutenberg versions

8.8CVSS7.3AI score0.00441EPSS
CVE
CVEadded 2024/12/09 11:29 a.m.79 views

CVE-2023-51360

CVE-2023-51360 affects the WordPress plugin Essential Blocks for Gutenberg (vulnerable:

8.8CVSS5.7AI score0.00091EPSS
CVE
CVEadded 2025/03/08 11:16 a.m.78 views

CVE-2025-1664

CVE-2025-1664 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates . The vulnerability is a Stored Cross-Site Scripting via the Parallax slider in all versions up to 5.3.1 due to insufficient input sanitization and output escaping. Exploitation requi...

6.4CVSS5.7AI score0.00114EPSS
CVE
CVEadded 2024/04/19 2:34 a.m.67 views

CVE-2024-3818

CVE-2024-3818 affects the Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates WordPress plugin. The issue is a DOM-based stored XSS in the Social Icons block, arising from insufficient input sanitization/output escaping on user-supplied attributes. Affected versions include all...

5.4CVSS5.7AI score0.0022EPSS
CVE
CVEadded 2024/12/09 11:29 a.m.64 views

CVE-2023-51359

CVE-2023-51359 affects WPDeveloper Essential Blocks for Gutenberg (

8.8CVSS7.3AI score0.00154EPSS
CVE
CVEadded 2024/03/20 3:20 a.m.63 views

CVE-2024-2255

The CVE concerns the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. It describes a Stored XSS flaw in the plugin’s widgets due to insufficient input sanitization and output escaping on user-supplied attributes (e.g., listStyle) in versions up to 4.5.2. Ex...

6.4CVSS7.4AI score0.00096EPSS
CVE
CVEadded 2025/02/25 2:17 p.m.63 views

CVE-2025-26871

CVE-2025-26871 refers to a Missing Authorization vulnerability in Essential Blocks for Gutenberg (WP developers’ Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates). Affected versions are listed as from n/a through 4.8.3. The root cause is incorrectly configured access control...

8.8CVSS7.2AI score0.00106EPSS
CVE
CVEadded 2024/05/18 4:30 a.m.59 views

CVE-2024-4891

CVE-2024-4891 affects the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates. Root cause is insufficient input sanitization and output escaping in the tagName parameter, enabling Stored XSS. Impact requires authenticated access (contributor+) to inject scripts...

6.4CVSS5.7AI score0.00529EPSS
CVE
CVEadded 2024/06/09 10:49 a.m.58 views

CVE-2024-30467

CVE-2024-30467: Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg affects Essential Blocks for Gutenberg versions up to 4.4.9. Root cause is missing authorization checks on access to block functionality. Impact is high for confidentiality, integrity, and availabili...

8.8CVSS6.8AI score0.00396EPSS
CVE
CVEadded 2023/10/20 6:35 a.m.57 views

CVE-2023-4402

The WordPress Essential Blocks plugin (versions up to and including 4.2.0) is affected by a PHP Object Injection via deserialization of untrusted input in the get_products/get_posts path. The vulnerability allows unauthenticated attackers to inject a PHP Object; exploitation may enable deletion o...

9.8CVSS9.4AI score0.02874EPSS
CVE
CVEadded 2024/10/05 2:51 p.m.54 views

CVE-2024-47385

CVE-2024-47385 is a stored XSS in the WordPress plugin “Essential Blocks for Gutenberg” (WPDeveloper). Public details indicate the vulnerability affects versions up to and including 4.8.4; exploitation is via improper neutralization of input during web page generation. The patch is available in v...

6.5CVSS5.9AI score0.00177EPSS
CVE
CVEadded 2024/04/07 5:42 p.m.49 views

CVE-2024-31306

CVE-2024-31306 : In the WordPress plugin Essential Blocks – Page Builder Gutenberg Blocks (WPDeveloper) there is a Stored XSS vulnerability due to improper input handling during web page generation, affecting versions up to 4.5.3 . The root cause is insufficient input neutralization when renderin...

6.5CVSS8.6AI score0.00139EPSS
CVE
CVEadded 2024/03/13 3:27 p.m.48 views

CVE-2024-1854

CVE-2024-1854 (WordPress plugin: Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates) The vulnerability is a Stored XSS in the blockId parameter across all versions up to and including 4.5.1 of the Essential Blocks plugin for WordPress. The root cause is insufficient input sani...

6.4CVSS6.1AI score0.00229EPSS
CVE
CVEadded 2024/12/13 2:22 p.m.45 views

CVE-2022-47594

CVE-2022-47594 affects the WordPress plugin Essential Blocks for Gutenberg (

6.5CVSS5.1AI score0.00191EPSS
CVE
CVEadded 2024/08/02 6:0 a.m.27 views

CVE-2024-5595

CVE-2024-5595 affects the WordPress plugin “Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates” (pre 4.7.0). Root cause: the plugin does not validate/escape certain block options before output, enablingStored XSS when the block is embedded in a page/post by users with Contribu...

5.4CVSS5.6AI score0.00535EPSS