Post Grid

Vulnerabilities 40Slug post-gridLatest version 2.3.23WordPress.org →

Minimum safe version

2.3.18

Update to 2.3.18 or later to address 37 fixable vulnerabilities

Latest available2.3.23 ✓Affected up to2.3.3 ⚠⚠ 2 vulnerabilities have no fix

N/A Unfixed

2025-12-18≤ 2.3.23

WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Insecure Direct Object References (IDOR) vulnerability

CVE Wordfence

N/A

2025-12-18< 2.3.18

CVE-2025-66058

CVE Wordfence

Medium 6.5 Unfixed

2025-12-24≤ 2.3.23

WordPress Post Grid and Gutenberg Blocks plugin <= 2.3.23 - Cross Site Scripting (XSS) vulnerability

CVE EUVD Wordfence

High 8.8

2025-10-27< 2.3.18

CVE-2025-62924

CVE EUVD Wordfence

High 8.8

2025-08-20< 2.3.12

CVE-2025-54007

CVE EUVD Wordfence

Medium 5.4

2025-05-15< 2.2.93

Post Grid and Gutenberg Blocks <= 2.2.92 - Authenticated (Contributor+) Stored Cross-Site Scripting

EUVD Wordfence CVE

Medium 5.3

2025-02-28< 2.3.7

CVE-2024-13796

CVE EUVD Wordfence

Medium 5.3

2025-02-22< 2.3.6

CVE-2024-13798

CVE EUVD Wordfence

Critical 9.8

2025-01-14≥ 2.2.85 and ≤ 2.3.3

WordPress Post Grid and Gutenberg Blocks Plugin 2.2.85-2.3.3 is vulnerable to Privilege Escalation

Patchstack Wordfence CVE

Medium 6.5

2024-10-28< 2.2.94

CVE-2024-50432

CVE Patchstack Wordfence

High 8.8

2024-10-16< 2.1.13

CVE-2021-4450

CVE

Medium 6.5

2024-10-06< 2.2.90

CVE-2024-47340

CVE Patchstack Wordfence

High 8.8

2024-09-11< 2.2.91

CVE-2024-8253

CVE Wordfence Patchstack

Medium 6.4

2024-08-14< 2.2.88

CVE-2024-7588

CVE Patchstack Wordfence

Medium 6.5

2024-08-12< 2.2.87

CVE-2024-43155

CVE Patchstack Wordfence

Medium 5.4

2024-08-01< 2.2.86

CVE-2024-6346

CVE Patchstack Wordfence

Medium 5.4

2024-06-07< 2.2.81

CVE-2024-1988

CVE Wordfence

Medium 5.4

2024-06-07< 2.2.81

CVE-2024-4042

CVE Wordfence

Medium 6.4

2024-05-21< 2.2.81

CVE-2024-3155

CVE Patchstack Wordfence

High 7.5

2024-04-24< 2.2.79

CVE-2024-32816

CVE Patchstack Wordfence

Medium 5.4

2024-04-15< 2.2.76

WordPress Post Grid Plugin < 2.2.76 is vulnerable to Broken Access Control

Patchstack CVE Wordfence WPScan

High 7.1

2024-03-29< 2.2.76

CVE-2024-30441

CVE Wordfence Patchstack WPScan

High 7.5

2024-03-12< 2.2.69

CVE-2023-7072

CVE Wordfence Patchstack WPScan

Medium 5.4

2024-12-15< 2.2.65

WordPress Post Grid Plugin <= 2.2.64 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

High 7.5

2023-11-30< 2.2.51

CVE-2023-40211

CVE Patchstack Wordfence

N/A

< 2.0.13

Post Grid <= 2.0.12 - Unauthenticated Arbitrary File Deletion

WPScan

High 8.8

2021-01-01< 2.0.73

CVE-2020-35939

CVE WPScan

High 8.0

2021-01-01< 2.0.73

CVE-2020-35937

CVE WPScan

N/A

< 2.1.13

Post Grid < 2.1.13 - Contributor+ SQL Injection

WPScan

N/A

2016-11-08< 2.0.13

Post Grid <= 2.0.12 - Arbitrary File Deletion

Wordfence

N/A

2021-12-15< 2.1.13

Post Grid <= 2.1.12 - Contributor+ SQL Injection

Wordfence

N/A

2016-11-08< 2.0.13

WordPress Post Grid Plugin <= 2.0.11 - File Deletion Vulnerability

Patchstack

N/A

2016-11-08< 2.0.13

WordPress Post Grid Plugin <= 2.0.12 - Arbitrary File Deletion

Patchstack

N/A

2020-10-05< 2.0.73

WordPress Post Grid plugin <= 2.0.72 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2020-10-05< 2.0.73

WordPress Post Grid plugin <= 2.0.72 - PHP Object Injection vulnerability

Patchstack

Medium 6.1

2022-04-11< 2.1.16

CVE-2021-24986

CVE Patchstack Wordfence WPScan

Medium 6.4

2022-04-11< 2.1.16

CVE-2022-0447

CVE Patchstack Wordfence WPScan

High 8.0

2021-01-01< 2.0.73

CVE-2020-35936

CVE

High 8.8

2021-01-01< 2.0.73

CVE-2020-35938

CVE

Medium 6.1

2021-08-02< 2.1.8

CVE-2021-24488

CVE Wordfence WPScan