Blocksy — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in Blocksy, with AI-generated Chinese analysis, references, and POCs.

Vendor: creativethemeshq

CVE ID	Title	CVSS	Severity	Published
CVE-2026-2583	Blocksy <= 2.1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via `blocksy_meta` Fields CWE-79	6.4	Medium	2026-03-02
CVE-2025-55713	WordPress Blocksy Theme <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability CWE-79	5.9	Medium	2025-08-14
CVE-2025-47465	WordPress Blocksy theme <= 2.0.97 - Broken Access Control Vulnerability CWE-862	4.9	Medium	2025-05-07
CVE-2024-37469	WordPress Blocksy theme <= 1.9.5 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	5.4	Medium	2025-01-02
CVE-2024-11420	Blocksy <= 2.0.77 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79	6.4	Medium	2024-12-05
CVE-2024-5439	Blocksy <= 2.0.50 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-20	6.4	Medium	2024-06-05
CVE-2024-4943	Blocksy <= 2.0.46 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79	6.4	Medium	2024-05-21
CVE-2024-4158	Blocksy <= 2.0.42 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79	6.4	Medium	2024-05-09
CVE-2024-3747	Blocksy <= 2.0.39 - Authenticated (Contributor+) Stored Cross-Site Scripting via About Me block CWE-20	6.4	Medium	2024-05-02
CVE-2024-32961	WordPress Blocksy theme <= 2.0.33 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-04-25
CVE-2024-31382	WordPress Blocksy theme <= 2.0.22 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	4.3	Medium	2024-04-15
CVE-2024-1767	Blocksy <= 2.0.26 - Authenticated (Contributor+) Stored Cross-Site Scripting CWE-79	6.4	Medium	2024-03-09
CVE-2024-24871	WordPress Blocksy theme <= 2.0.19 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-02-08

All 13 known CVE vulnerabilities affecting Blocksy with full Chinese analysis, references, and POCs where available.