CVE-2025-14283

Name of the Vulnerable Software and Affected Versions BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks, WordPress Block Plugin, Sections & Template Library versions up to and including 2.2.14

Description The BlockArt Blocks plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping of user-supplied attributes within the BlockArt Counter. Successful exploitation allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will then execute when a user accesses the compromised page.

Recommendations Update BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks, WordPress Block Plugin, Sections & Template Library to a version later than 2.2.14.