cleantalk
Vulnerabilities and Security Researches

Blocksy, CVE-2025-55713

CVE, Research URL

CVE-2025-55713

Home page URL

Security reports for Blocksy

Application

Blocksy

Published on
Aug 15, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6.
Affected versions
Min -, max 2.1.7.
Status
vulnerable
Previous vulnerability researches
12 Step Meeting List (CVE-2025-24582) , Jan 26, 2025
12 Step Meeting List (CVE-2025-24580) , Jan 26, 2025
12 Step Meeting List (CVE-2023-46641) , Jun 07, 2024
12 Step Meeting List (CVE-2024-35693) , Jun 10, 2024
12 Step Meeting List (CVE-2025-24583) , Apr 19, 2025
New vulnerability
Inspectlet – User Session Recording and Heatmaps (CVE-2025-49048) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8676) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8680) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025
WP Voting (CVE-2025-49057) , Aug 16, 2025