Wpdeveloper Essential_blocks
25 CVEs affecting Wpdeveloper Essential_blocks. Latest disclosed: 2025-03-08. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6623 | Critical | 9.8 | 2024-01-15 | The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over th… |
CVE-2023-4386 | High | 8.1 | 2023-10-20 | The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input… |
CVE-2023-4402 | High | 8.1 | 2023-10-20 | The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input… |
CVE-2022-47594 | Medium | 6.5 | 2024-12-13 | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels.This… |
CVE-2023-51360 | Medium | 6.5 | 2024-12-09 | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Secu… |
CVE-2024-47385 | Medium | 6.5 | 2024-10-05 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-bloc… |
CVE-2024-30467 | Medium | 6.5 | 2024-06-09 | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9. |
CVE-2024-31306 | Medium | 6.5 | 2024-04-07 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Stored… |
CVE-2025-1664 | Medium | 6.4 | 2025-03-08 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Parallax s… |
CVE-2024-13803 | Medium | 6.4 | 2025-02-26 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-mark… |
CVE-2024-4891 | Medium | 6.4 | 2024-05-18 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’… |
CVE-2024-2255 | Medium | 6.4 | 2024-03-20 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's w… |
CVE-2024-1854 | Medium | 6.4 | 2024-03-13 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blockId pa… |
CVE-2023-7071 | Medium | 6.4 | 2024-01-11 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Table of C… |
CVE-2023-51359 | Medium | 5.4 | 2024-12-09 | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Secu… |
CVE-2024-5595 | Medium | 5.4 | 2024-08-02 | The Essential Blocks WordPress plugin before 4.7.0 does not validate and escape some of its block options before outputting them back in a page/post where the… |
CVE-2024-3818 | Medium | 5.4 | 2024-04-19 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "… |
CVE-2024-12045 | Medium | 4.4 | 2025-01-08 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maker titl… |
CVE-2025-26871 | Medium | 4.3 | 2025-02-25 | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Secu… |
CVE-2023-47760 | Medium | 4.3 | 2024-12-09 | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Secu… |