cleantalk
Vulnerabilities and Security Researches

Cozy Blocks – Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider, CVE-2024-50502

CVE, Research URL

CVE-2024-50502

Home page URL

Security reports for Cozy Blocks – Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider

Application

Cozy Blocks – Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider

Published on
Oct 28, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks cozy-addons allows DOM-Based XSS.This issue affects Cozy Blocks: from n/a through <= 2.0.18.
Affected versions
max 2.0.19.
Status
vulnerable
Previous vulnerability researches
Ibtana &#8211; WordPress Website Builder (CVE-2024-37123) , Jun 24, 2024
Ibtana &#8211; WordPress Website Builder (CVE-2025-59581) , Jun 13, 2026
Ibtana &#8211; WordPress Website Builder (CVE-2025-26891) , Feb 27, 2025
Ibtana &#8211; WordPress Website Builder (CVE-2022-4674) , Jun 06, 2024
Ibtana &#8211; WordPress Website Builder (CVE-2023-6684) , Jun 06, 2024
New vulnerability
W3SCloud Contact Form 7 to Zoho CRM (CVE-2023-33999) , Jun 14, 2026
Kikote &#8211; Location Picker at Checkout &amp; Google Address AutoFill Plugin for WooCommerce (CVE-2023-33999) , Jun 14, 2026
J Cart Upsell and Cross-sell for WooCommerce (CVE-2023-33999) , Jun 14, 2026
Super Testimonials (CVE-2024-38344) , Jun 14, 2026
AI Engine (CVE-2026-23802) , Jun 14, 2026