Otter blocks

This hub aggregates every CVE we track for Otter blocks, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 10 most recently published vulnerabilities affecting Otter blocks.

• CVE-2024-11219Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 3.0.6 - Unauthetnicated Path Traversal to Arbitrary Image View5.3Nov 27, 2024
• CVE-2024-35682WordPress Otter Blocks PRO plugin <= 2.6.11 - Authenticated Sensitive Data Exposure vulnerability4.3Jun 8, 2024
• CVE-2024-3725Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titleTag'6.4May 2, 2024
• CVE-2024-2729Otter Blocks < 2.6.6 - Contributor+ Stored XSS6.1Apr 18, 2024
• CVE-2024-3344Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.8 - Authenticated (Author+) Limited File Upload to Stored Cross-Site Scripting6.4Apr 11, 2024
• CVE-2024-3343Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes6.4Apr 11, 2024
• CVE-2024-2226Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4Apr 9, 2024
• CVE-2024-2841Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4Mar 29, 2024
• CVE-2024-1684Otter Blocks PRO <= 2.6.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via File Field CSS6.4Mar 13, 2024
• CVE-2024-1691Otter Blocks PRO <= 2.6.3 - Unauthenticated Stored Cross-Site Scripting via SVG Upload6.1Mar 13, 2024