Stellarwp Kadence Blocks — Page Builder Toolkit For Gutenberg Editor
23 CVEs affecting Stellarwp Kadence Blocks — Page Builder Toolkit For Gutenberg Editor. Latest disclosed: 2026-04-04. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6964 | High | 8.5 | 2024-04-09 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and inc… |
CVE-2025-5678 | Medium | 6.4 | 2025-07-09 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘redirectURL’ para… |
CVE-2025-1291 | Medium | 6.4 | 2025-03-01 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘icon’ parameter i… |
CVE-2024-12304 | Medium | 6.4 | 2025-01-11 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via button block link in a… |
CVE-2024-10785 | Medium | 6.4 | 2024-11-21 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Countdown' widget… |
CVE-2024-9655 | Medium | 6.4 | 2024-11-01 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon widg… |
CVE-2024-5819 | Medium | 6.4 | 2024-06-29 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to DOM-based Stored Cross-Site Scripting via HTML data at… |
CVE-2024-5289 | Medium | 6.4 | 2024-06-27 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget… |
CVE-2024-4863 | Medium | 6.4 | 2024-06-14 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘titleFont’ parame… |
CVE-2024-4208 | Medium | 6.4 | 2024-05-15 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the typer effect in th… |
CVE-2024-4209 | Medium | 6.4 | 2024-05-11 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown timer in… |
CVE-2024-4481 | Medium | 6.4 | 2024-05-10 | The Gutenberg Blocks with AI by Kadence WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the plugin's blocks in… |
CVE-2024-2273 | Medium | 6.4 | 2024-05-02 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all… |
CVE-2024-1999 | Medium | 6.4 | 2024-04-09 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget's a… |
CVE-2024-2919 | Medium | 6.4 | 2024-04-04 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CountUp Widget in all… |
CVE-2024-1541 | Medium | 6.4 | 2024-03-13 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htmlTag attribute in a… |
CVE-2024-3189 | Medium | 5.4 | 2024-05-15 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial'… |
CVE-2024-12581 | Medium | 4.4 | 2024-12-13 | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all… |
CVE-2024-0598 | Medium | 4.4 | 2024-04-09 | The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form message s… |
CVE-2026-2826 | Medium | 4.3 | 2026-04-04 | The Kadence Blocks — Page Builder Toolkit for Gutenberg Editor plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including… |