cleantalk
Vulnerabilities and Security Researches

Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX, CVE-2023-36385

CVE, Research URL

CVE-2023-36385

Home page URL

Security reports for Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX

Application

Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX

Published on
Jul 25, 2023
Research Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpxpo PostX – Gutenberg Post Grid Blocks plugin <= 2.9.9 versions.
Affected versions
max 2.9.10.
Status
vulnerable
Previous vulnerability researches
WP Ultimate Post Grid (CVE-2024-9051) , Oct 12, 2024
WP Ultimate Post Grid (CVE-2024-4043) , Jun 06, 2024
Ultimate Posts Widget (CVE-2024-0561) , Jun 07, 2024
Ultimate Posts Widget (CVE-2023-38514) , Mar 21, 2025
Ultimate Posts Widget (CVE-2023-0958) , Jun 07, 2024
New vulnerability
AM Events (CVE-2025-69006) , Jan 11, 2026
Master Addons for Elementor (CVE-2025-63053) , Jan 11, 2026
User Registration &#8211; Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2025-13367) , Jan 11, 2026
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2025-14998) , Jan 11, 2026
WPBulky &#8211; WordPress Bulk Edit Post Types (CVE-2025-68550) , Jan 11, 2026