Creativethemes Blocksy
10 CVEs affecting Creativethemes Blocksy. Latest disclosed: 2025-01-02. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-32961 | Medium | 6.5 | 2024-04-25 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in creativethemeshq Blocksy blocksy.This issue affects Block… |
CVE-2024-24871 | Medium | 6.5 | 2024-02-08 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in creativethemeshq Blocksy blocksy.This issue affects Block… |
CVE-2024-11420 | Medium | 6.4 | 2024-12-05 | The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Info Block link parameter in all versions up to, and including, 2… |
CVE-2024-5439 | Medium | 6.4 | 2024-06-05 | The Blocksy theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the custom_url parameter in all versions up to, and including, 2.0.50 due t… |
CVE-2024-4943 | Medium | 6.4 | 2024-05-21 | The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘has_field_link_rel’ parameter in all versions up to, and including, 2.0.4… |
CVE-2024-4158 | Medium | 6.4 | 2024-05-14 | The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’ parameter in versions up to, and including, 2.0.42 due to insuff… |
CVE-2024-3747 | Medium | 6.4 | 2024-05-02 | The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the className parameter in the About Me block in all versions up to, and inclu… |
CVE-2024-1767 | Medium | 6.4 | 2024-03-09 | The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 2.0.26 due to insuff… |
CVE-2024-37469 | Medium | 5.4 | 2025-01-02 | Cross-Site Request Forgery (CSRF) vulnerability in creativethemeshq Blocksy blocksy allows Cross Site Request Forgery.This issue affects Blocksy: from n/a thro… |
CVE-2024-31382 | Medium | 4.3 | 2024-04-15 | Cross-Site Request Forgery (CSRF) vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through <= 2.0.22. |