Essential blocks
This hub aggregates every CVE we track for Essential blocks, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
25
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM22HIGH2CRITICAL1
Monthly trend
0
1
0
1
0
4
1
2
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Essential blocks.
- CVE-2025-1664Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-13803Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2025-26871WordPress Essential Blocks plugin <= 4.8.3 - Broken Access Control vulnerability4.3
- CVE-2024-12045Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting4.4
- CVE-2022-47594WordPress Essential Blocks for Gutenberg plugin <= 3.8.5 - Broken Access Control6.5
- CVE-2023-47760WordPress Essential Blocks plugin <= 4.2.0 - Broken Access Control vulnerability4.3
- CVE-2023-51360WordPress Essential Blocks plugin <= 4.2.0 - Multiple Subscriber+ Broken Access Control vulnerability6.5
- CVE-2023-51359WordPress Essential Blocks plugin <= 4.2.0 - Multiple Contributor+ Broken Access Control vulnerability5.4
- CVE-2024-47385WordPress Essential Blocks plugin <= 4.8.4 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-5595Essential Blocks < 4.7.0 - Contributor+ Stored XSS5.4
- CVE-2024-30467WordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerability6.5
- CVE-2024-4891Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-3818Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.9 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting via "Social Icons" Block5.4
- CVE-2024-31306WordPress Essential Blocks plugin <= 4.5.3 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-2255Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
Product normalization is registry-driven with AI assist and human review. How it works