Vulnerabilities > Creativethemes > Blocksy Companion > 2.0.45
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-14 | CVE-2024-4487 | Cross-site Scripting vulnerability in Creativethemes Blocksy Companion The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG uploads in versions up to, and including, 2.0.45 due to insufficient input sanitization and output escaping. | 5.4 |