Vulnerabilities > Creativethemes > Blocksy Companion > 1.7.36
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-02 | CVE-2023-1911 | Unspecified vulnerability in Creativethemes Blocksy Companion The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example | 4.3 |
| 2023-04-06 | CVE-2023-23898 | Cross-site Scripting vulnerability in Creativethemes Blocksy Companion Auth. | 5.4 |