Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns

Information

Software Type Plugin
Software Slug essential-blocks (view on wordpress.org)
Software Status Active
Software Author wpdevteam
Software Website essential-blocks.com
Software Downloads 8,697,955
Software Active Installs 200,000
Software Record Last Updated June 18, 2026

Showing 1-20 of 30 Vulnerabilities

Submit a Vulnerability
Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns <= 6.1.3 - Authenticated (Author+) Server-Side Request Forgery
7.2
CVE-2026-10586
Jun 4, 2026
Researcher: Shambles
Gutenberg Essential Blocks <= 6.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes
6.4
CVE-2026-4658
May 1, 2026
Researchers: Jack Pas (Dark.), normaandersonfrank
Essential Blocks <= 5.7.2 - Missing Authorization To Authenticated (Author+) Information Disclosure
4.3
CVE-2025-11369
Dec 16, 2025
Researcher: Dmitrii Ignatyev
Essential Blocks <= 5.7.1 - Authenticated (Author+) Server-Side Request Forgery
6.4
CVE-2025-11361
Oct 17, 2025
Researcher: Dmitrii Ignatyev
Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns <= 5.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2025-11270
Oct 17, 2025
Researcher: Rafshanzani Suhada
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Slider and Post Carousel Widgets
6.4
CVE-2025-4682
May 26, 2025
Researcher: Webbernaut
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2025-1664
Mar 7, 2025
Researcher: Webbernaut
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-13803
Feb 25, 2025
Researcher: zer0gh0st
Essential Blocks for Gutenberg <= 4.8.3 - Missing Authorization
4.3
CVE-2025-26871
Feb 22, 2025
Researcher: Rafie Muhammad
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting
4.4
CVE-2024-12045
Jan 7, 2025
Researcher: zer0gh0st
Essential Blocks for Gutenberg <= 4.8.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-47385
Sep 30, 2024
Researcher: SavPhill (Savphill)
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-5595
Jul 12, 2024
Researcher: Dmitrii Ignatyev
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-4891
May 16, 2024
Researcher: João Pedro Soares de Alcântara
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.9 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting via "Social Icons" Block
5.4
CVE-2024-3818
Apr 18, 2024
Researcher: João Pedro Soares de Alcântara
Essential Blocks for Gutenberg <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-31306
Apr 5, 2024
Researcher: Ngô Thiên An (ancorn_)
Essential Blocks for Gutenberg <= 4.4.9 - Missing Authorization
4.3
CVE-2024-30467
Mar 28, 2024
Researcher: Rafie Muhammad
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-2255
Mar 19, 2024
Researcher: wesley (wcraft)
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-1854
Feb 28, 2024
Researchers: Ngô Thiên An (ancorn_), Dau Hoang Tai
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-7071
Jan 9, 2024
Researcher: Webbernaut
Essential Blocks for Gutenberg <= 4.2.0 - Incorrect Authorization Checks
5.4
CVE-2023-51359
Dec 26, 2023
Researcher: Rafie Muhammad
Title Status CVE ID CVSS Researchers Date
Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns <= 6.1.3 - Authenticated (Author+) Server-Side Request Forgery Patched CVE-2026-10586 7.2 Shambles June 4, 2026
Gutenberg Essential Blocks <= 6.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes Patched CVE-2026-4658 6.4 Jack Pas (Dark.), normaandersonfrank May 1, 2026
Essential Blocks <= 5.7.2 - Missing Authorization To Authenticated (Author+) Information Disclosure Patched CVE-2025-11369 4.3 Dmitrii Ignatyev December 16, 2025
Essential Blocks <= 5.7.1 - Authenticated (Author+) Server-Side Request Forgery Patched CVE-2025-11361 6.4 Dmitrii Ignatyev October 17, 2025
Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns <= 5.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2025-11270 6.4 Rafshanzani Suhada October 17, 2025
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Slider and Post Carousel Widgets Patched CVE-2025-4682 6.4 Webbernaut May 26, 2025
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2025-1664 6.4 Webbernaut March 7, 2025
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-13803 6.4 zer0gh0st February 25, 2025
Essential Blocks for Gutenberg <= 4.8.3 - Missing Authorization Patched CVE-2025-26871 4.3 Rafie Muhammad February 22, 2025
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting Patched CVE-2024-12045 4.4 zer0gh0st January 7, 2025
Essential Blocks for Gutenberg <= 4.8.4 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-47385 6.4 SavPhill (Savphill) September 30, 2024
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-5595 6.4 Dmitrii Ignatyev July 12, 2024
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-4891 6.4 João Pedro Soares de Alcântara May 16, 2024
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.9 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting via "Social Icons" Block Patched CVE-2024-3818 5.4 João Pedro Soares de Alcântara April 18, 2024
Essential Blocks for Gutenberg <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-31306 6.4 Ngô Thiên An (ancorn_) April 5, 2024
Essential Blocks for Gutenberg <= 4.4.9 - Missing Authorization Patched CVE-2024-30467 4.3 Rafie Muhammad March 28, 2024
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-2255 6.4 wesley (wcraft) March 19, 2024
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2024-1854 6.4 Ngô Thiên An (ancorn_), Dau Hoang Tai February 28, 2024
Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting Patched CVE-2023-7071 6.4 Webbernaut January 9, 2024
Essential Blocks for Gutenberg <= 4.2.0 - Incorrect Authorization Checks Patched CVE-2023-51359 5.4 Rafie Muhammad December 26, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation