Gallery PhotoBlocks

Vulnerabilities 16Slug photoblocks-grid-galleryLatest version 1.3.3WordPress.org →

Minimum safe version

1.3.3

Update to 1.3.3 or later to address 16 fixable vulnerabilities

Latest available1.3.3 ✓

Medium 6.5

2026-01-26< 1.3.3

Gallery PhotoBlocks <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Wordfence CVE EUVD

Medium 6.5

2025-09-03< 1.3.2

CVE-2025-58610

CVE Patchstack Wordfence EUVD

Medium 6.3

2024-10-16< 1.2.6

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

N/A

2022-08-17< 1.2.9

Gallery PhotoBlocks <= 1.2.8 - Missing Authorization Checks

Wordfence

N/A

< 1.1.41

Gallery Photoblocks < 1.1.41 - Unauthenticated Reflected XSS

WPScan

N/A

< 1.2.0

Gallery PhotoBlocks < 1.2.0 - Authenticated Cross-Site Scripting (XSS)

WPScan

N/A

2023-07-18< 1.3.0

WordPress Gallery PhotoBlocks Plugin < 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

N/A

2019-07-05< 1.1.41

Gallery Photoblocks <= 1.1.40 - Reflected Cross-Site Scripting

Wordfence

N/A

2020-07-29< 1.2.0

Gallery PhotoBlocks <= 1.1.5 - Cross-Site Scripting

Wordfence

Medium 4.1

2022-09-09< 1.2.7

CVE-2022-37407

CVE Patchstack Wordfence WPScan

Medium 5.4

2022-08-23< 1.2.9

CVE-2022-36292

CVE Patchstack Wordfence WPScan

N/A

2019-07-05< 1.1.41

WordPress Gallery Photoblocks plugin <= 1.1.40 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2019-07-10< 1.1.43

WordPress Gallery Photoblocks plugin <= 1.1.42 - Authenticated Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2022-02-28< 1.2.6

WordPress Gallery PhotoBlocks plugin <= 1.2.4 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 1.2.6

WordPress Gallery PhotoBlocks plugin <= 1.2.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

Medium 4.8

2019-08-30< 1.1.43

CVE-2019-15829

CVE Wordfence WPScan