Vayu Blocks – Website Builder for the Block Editor

Vulnerabilities 5Slug vayu-blocksLatest version 1.4.7WordPress.org →

Minimum safe version

1.3.10

Update to 1.3.10 or later to address 3 fixable vulnerabilities

Latest available1.4.7 Affected up to1.2.1 ⚠ 1 vulnerability has no fix
Medium 6.4
2025-09-03< 1.3.10

Vayu Blocks <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Block Attributes

EUVDWordfenceCVE
Medium 6.4
2025-06-03< 1.3.2

Vayu Blocks <= 1.3.1 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via containerWidth Parameter

EUVDWordfenceCVE
Medium 5.3
2025-04-08≥ 1.0.4 and ≤ 1.2.1

Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce 1.0.4 - 1.2.1 - Missing Authorization to Unauthenticated Limited Arbitrary Options Update

EUVDWordfenceCVE
Medium 6.5 Unfixed
2025-03-27≤ 1.4.7

WordPress Vayu Blocks – Gutenberg Blocks plugin <= 1.4.7 - Cross Site Scripting (XSS) vulnerability

CVEEUVDPatchstackWordfence
Critical 9.8
2024-12-12< 1.2.0

CVE-2024-10124

CVEWordfence