Post Grid And Gutenberg Blocks
Approved changes feed: RSS · Atom
cpe:2.3:a:pickplugins:post_grid_and_gutenberg_blocks:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Pickplugins (03c448d6-40a7-5ce8-8d7e-bbbe6a0aa644) |
|---|---|
| Product | Post Grid And Gutenberg Blocks (11be536d-6ab3-55e6-8174-0b85d861b38c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-68605 |
vulnerable | 2026-06-03 15:11:03.582911 |
WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23.
Published: 2025-12-24T13:10:48.261Z
Updated: 2026-04-28T16:14:31.280Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-66058 |
vulnerable | 2026-06-03 15:09:40.831226 |
WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.17 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.17.
Published: 2025-12-18T16:15:15.498Z
Updated: 2026-04-28T16:14:15.298Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-63043 |
vulnerable | 2026-06-03 15:09:36.085603 |
WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Insecure Direct Object References (IDOR) vulnerability
MEDIUM (5.3)
Authorization Bypass Through User-Controlled Key vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.23.
Published: 2025-12-18T16:45:08.201Z
Updated: 2026-04-28T16:14:09.149Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-62924 |
vulnerable | 2026-06-03 15:09:35.777860 |
WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.17 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.17.
Published: 2025-10-27T01:33:58.866Z
Updated: 2026-04-28T18:57:34.749Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-54007 |
vulnerable | 2026-06-03 15:03:55.444188 |
WordPress Post Grid and Gutenberg Blocks Plugin <= 2.3.11 - PHP Object Injection Vulnerability
HIGH (8.8)
Deserialization of Untrusted Data vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Object Injection.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.3.11.
Published: 2025-08-20T08:03:05.419Z
Updated: 2026-05-13T00:05:06.943Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8253 |
vulnerable | 2026-06-03 14:58:17.588815 |
Post Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Authenticated (Subscriber+) Privilege Escalation
HIGH (8.8)
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in all versions 2.2.87 to 2.2.90. This is due to the plugin not properly restricting what user meta values can be updated and ensuring a form is active. This makes it possible for authenticated attackers, with subscriber-level access and above, to update their user meta to become an administrator.
Published: 2024-09-11T03:31:07.619Z
Updated: 2024-09-11T18:56:30.780Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-50432 |
vulnerable | 2026-06-03 14:57:24.263719 |
WordPress Post Grid and Gutenberg Blocks plugin <= 2.2.93 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Cross-Site Scripting (XSS).This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.2.93.
Published: 2024-10-28T18:17:12.118Z
Updated: 2026-05-11T21:19:46.867Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-47340 |
vulnerable | 2026-06-03 14:57:01.060534 |
WordPress ComboBlocks plugin <= 2.2.89 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.2.89.
Published: 2024-10-06T10:51:24.555Z
Updated: 2026-04-28T16:10:19.189Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.