cleantalk
Vulnerabilities and Security Researches

Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX, CVE-2021-24652

CVE, Research URL

CVE-2021-24652

Home page URL

Security reports for Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX

Application

Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX

Published on
Sep 27, 2021
Research Description
The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 performs incorrect checks before allowing any logged in user to perform some ajax based requests, allowing any user to modify, delete or add ultp_options values.
Affected versions
max 2.4.10.
Status
vulnerable
Previous vulnerability researches
WP Ultimate Post Grid (CVE-2024-9051) , Oct 12, 2024
WP Ultimate Post Grid (CVE-2024-4043) , Jun 06, 2024
Ultimate Posts Widget (CVE-2024-0561) , Jun 07, 2024
Ultimate Posts Widget (CVE-2023-38514) , Mar 21, 2025
Ultimate Posts Widget (CVE-2023-0958) , Jun 07, 2024
New vulnerability
Customer Reviews for WooCommerce (CVE-2026-1316) , Apr 15, 2026
WP Recipe Maker (CVE-2026-1558) , Apr 15, 2026
Page and Post Clone (CVE-2026-2893) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-2589) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-1927) , Apr 15, 2026