Wpdeveloper Essential Blocks — known CVE vulnerabilities
Every CVE whose affected-product data names Wpdeveloper Essential Blocks, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2023-6623 — CVSS 9.8 (critical): The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when…
CVE-2023-4386 — CVSS 8.1 (high): The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization…
CVE-2023-4402 — CVSS 8.1 (high): The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization…
CVE-2024-30467 — CVSS 6.5 (medium): Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from…
CVE-2023-51360 — CVSS 6.5 (medium): Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured…
CVE-2022-47594 — CVSS 6.5 (medium): Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control…
CVE-2024-47385 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Blocks for…
CVE-2024-31306 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Blocks for…
CVE-2023-7071 — CVSS 6.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2024-13803 — CVSS 6.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2024-1854 — CVSS 6.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2024-2255 — CVSS 6.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2024-4891 — CVSS 6.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2025-1664 — CVSS 6.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2024-3818 — CVSS 5.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2023-51359 — CVSS 5.4 (medium): Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured…
CVE-2024-5595 — CVSS 5.4 (medium): The Essential Blocks WordPress plugin before 4.7.0 does not validate and escape some of its block options before outputting them back in a…
CVE-2024-12045 — CVSS 4.4 (medium): The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site…
CVE-2023-2084 — CVSS 4.3 (medium): The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the get…
CVE-2023-2085 — CVSS 4.3 (medium): The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the…
CVE-2025-26871 — CVSS 4.3 (medium): Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured…
CVE-2023-47760 — CVSS 4.3 (medium): Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured…
CVE-2023-2087 — CVSS 4.3 (medium): The Essential Blocks plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.6. This is due…
CVE-2023-2086 — CVSS 4.3 (medium): The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the…
CVE-2023-2083 — CVSS 4.3 (medium): The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the save…