Smart Post – Post Grid, Post Carousel, Post Slider Gutenberg Blocks for Blog & News

Vulnerabilities 7Slug post-carouselLatest version 4.0.1WordPress.org →

Minimum safe version

3.0.13

Update to 3.0.13 or later to address 7 fixable vulnerabilities

Latest available4.0.1
N/A
2026-04-13< 3.0.13

Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection

WordfenceCVE
Medium 4.8
2025-05-15< 3.0.1

WordPress Post Grid, Post Carousel, & List Category Posts – by Smart Post Show Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS)

EUVDPatchstackWordfenceCVE
Medium 6.1
2025-05-19< 2.4.28

WordPress Post Grid, Post Carousel, & List Category Posts – by Smart Post Show Plugin < 2.4.28 is vulnerable to Cross Site Scripting (XSS)

PatchstackEUVDWordfenceCVE
N/A
< 2.3.5

Post Carousel &lt; 2.3.5 - CSRF Bypass / Unauthorised AJAX Calls

WPScan
N/A
2023-01-06< 2.3.5

WordPress Post Grid, Post Carousel, & List Category Posts – by Smart Post Show Plugin < 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)

Patchstack
N/A
2021-08-16< 2.3.5

Post Carousel < 2.3.5 - Missing Capabilities Check

Wordfence