Medium 6.5
2025-10-22< 3.3.7
CVE-2025-49929
Ultimate Blocks – 25+ Gutenberg Blocks for Block Editor
Minimum safe version
3.3.7
Update to 3.3.7 or later to address 21 fixable vulnerabilities
Latest available3.5.5 ✓
Medium 6.4
2025-06-10< 3.3.4
Ultimate Blocks – WordPress Blocks Plugin <= 3.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
N/A
2025-05-19< 3.3.1
CVE-2025-48234
Medium 6.5
2025-05-07< 3.3.0
CVE-2025-47493
Medium 6.5
2025-03-28< 3.2.8
CVE-2025-31077
Medium 6.4
2025-03-26< 3.2.8
Ultimate Blocks <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via content Parameter
Medium 6.4
2025-03-26< 3.2.8
Ultimate Blocks – WordPress Blocks Plugin <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Medium 5.4
2024-12-13< 3.2.4
CVE-2024-10678
Medium 6.3
2024-10-16< 2.4.13
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 5.4
2024-09-30< 3.2.2
CVE-2024-8536
Medium 4.6
2024-07-29< 3.2.0
CVE-2024-6362
Medium 5.4
2024-07-21< 3.2.0
CVE-2024-37457
Medium 5.4
2024-07-02< 3.2.0
CVE-2024-4268
Medium 5.4
2024-07-02< 3.2.0
CVE-2024-3513
Medium 5.4
2024-07-11< 3.1.9
CVE-2024-4655
Medium 6.4
2024-06-19< 3.1.1
CVE-2023-6692
Medium 5.4
2024-05-15< 3.1.7
WordPress Ultimate Blocks – Gutenberg Blocks Plugin Plugin < 3.1.7 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-07-18< 3.0.1
WordPress Ultimate Blocks – Gutenberg Blocks Plugin Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS)
N/A
2022-03-04< 2.4.13
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2022-02-28< 2.4.13
WordPress Ultimate Blocks – Gutenberg Blocks Plugin plugin < 2.4.13 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 2.4.13
WordPress Ultimate Blocks – Gutenberg Blocks Plugin plugin < 2.4.13 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability