High 8.8
2025-11-11< 2.1.20
CVE-2025-12846
Blocksy Companion
Minimum safe version
2.1.20
Update to 2.1.20 or later to address 15 fixable vulnerabilities
Latest available2.1.41 ✓
Medium 6.4
2025-10-30< 2.1.15
CVE-2025-12475
N/A
2025-10-06< 2.1.15
Blocksy Companion <= 2.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting
Medium 6.4
2025-09-17< 2.1.11
WordPress Blocksy Companion Plugin <= 2.1.10 is vulnerable to Cross Site Scripting (XSS)
Medium 6.3
2024-10-16< 1.8.20
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 4.4
2024-06-03< 2.0.43
CVE-2024-35633
Medium 5.4
2024-05-13< 2.0.46
WordPress Blocksy Companion Plugin <= 2.0.45 is vulnerable to Cross Site Scripting (XSS)
High 8.8
2024-04-11< 2.0.29
CVE-2024-31932
Medium 5.4
2024-03-22< 2.0.32
CVE-2024-2392
N/A
2023-07-19< 1.8.47
WordPress Blocksy Companion Plugin <= 1.8.46 is vulnerable to Cross Site Scripting (XSS)
Medium 4.3
2023-05-02< 1.8.82
CVE-2023-1911
Medium 5.5
2023-04-06< 1.8.68
CVE-2023-23898
N/A
2022-03-04< 1.8.20
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2022-02-28< 1.8.20
WordPress Blocksy Companion plugin < 1.8.20 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 1.8.20
WordPress Blocksy Companion plugin < 1.8.20 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability