WordPress Blocksy Vulnerabilities

Wordpress Blocksy vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

9 June 2026

Blocksy <= 2.1.41 - Authenticated (Contributor+) PHP Object Injection via Deserialization of Untrusted Data via 'blocksy_meta' REST API Field
CVE-2026-8365
WordPressBlocksy8.8HIGH

2 March 2026

Stored Cross-Site Scripting Vulnerability in Blocksy Theme by WordPress
CVE-2026-2583
WordPressBlocksy6.4MEDIUM

11 November 2025

Authenticated Arbitrary File Upload Vulnerability in Blocksy Companion Plugin for WordPress
CVE-2025-12846
WordPressBlocksy Companion8.8HIGH

30 October 2025

Stored Cross-Site Scripting Vulnerability in Blocksy Companion Plugin for WordPress
CVE-2025-12475
WordPressBlocksy Companion6.4MEDIUM

17 September 2025

Stored Cross-Site Scripting Vulnerability in Blocksy Companion Plugin for WordPress
CVE-2025-9565
WordPressBlocksy Companion6.4MEDIUM

14 August 2025

Stored XSS Vulnerability in CreativeThemes Blocksy Theme
CVE-2025-55713
WordPressBlocksy5.9MEDIUM

7 May 2025

Missing Authorization Vulnerability in CreativeThemes Blocksy Product
CVE-2025-47465
WordPressBlocksy4.9MEDIUM

2 January 2025

Cross-Site Request Forgery Vulnerability in Blocksy Theme by CreativeThemes
CVE-2024-37469
WordPressBlocksy5.4MEDIUM

5 December 2024

Stored Cross-Site Scripting Vulnerability Affects Blocksy Theme
CVE-2024-11420
WordPressBlocksy6.4MEDIUM

16 October 2024

Freemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974
WordPressYasr – Yet Another Sta...6.3MEDIUM

5 June 2024

Reflected Cross-Site Scripting Vulnerability in Blocksy Theme
CVE-2024-5439
WordPressBlocksy6.4MEDIUM

3 June 2024

Blocksy Companion SSRF Vulnerability Affects Versions n/a through 2.0.42
CVE-2024-35633
WordPressBlocksy Companion4.4MEDIUM

21 May 2024

Stored Cross-Site Scripting Vulnerability in Blocksy Theme
CVE-2024-4943
WordPressBlocksy6.4MEDIUM

14 May 2024

2 May 2024

Stored Cross-Site Scripting Vulnerability in Blocksy Theme Affects All Versions Up to 2.0.39
CVE-2024-3747
WordPressBlocksy6.4MEDIUM

25 April 2024

Blocksy Stored XSS Vulnerability
CVE-2024-32961
WordPressBlocksy6.5MEDIUM

15 April 2024

Blocksy CSRF Vulnerability Affects Users
CVE-2024-31382
WordPressBlocksy4.3MEDIUM

11 April 2024

Blocksy Companion CSRF Vulnerability Affects Users
CVE-2024-31932
WordPressBlocksy Companion5.4MEDIUM

22 March 2024

Stored Cross-Site Scripting Vulnerability in Blocksy Companion Plugin for WordPress
CVE-2024-2392
WordPressBlocksy Companion6.4MEDIUM

9 March 2024

Stored Cross-Site Scripting Vulnerability in Blocksy Theme Affects User Supplied Attributes
CVE-2024-1767
WordPressBlocksy6.4MEDIUM

8 February 2024

Blocksy Stored XSS Vulnerability
CVE-2024-24871
WordPressBlocksy6.5MEDIUM

2 May 2023

Blocksy Companion < 1.8.82 - Subscriber+ Draft Post Access
CVE-2023-1911
WordpressBlocksy Companion👾🟡4.3MEDIUM

6 April 2023

WordPress Blocksy Companion Plugin <= 1.8.67 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-23898
WordPressBlocksy Companion5.5MEDIUM