ByteOS Network

Radius Blocks

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

4Vulnerabilities found

CVE-2025-64282

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.05% / 14.08%

7 Day CHG~0.00%

Published-18 Dec, 2025 | 16:18

Updated-28 Apr, 2026 | 16:14

WordPress Radius Blocks plugin <= 2.2.1 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in RadiusTheme Radius Blocks radius-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Radius Blocks: from n/a through <= 2.2.1.

Vendor-RadiusTheme

Product-Radius Blocks

CWE ID-CWE-639

Authorization Bypass Through User-Controlled Key

CVE-2025-32159

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.42% / 62.22%

7 Day CHG~0.00%

Published-04 Apr, 2025 | 15:58

Updated-28 Apr, 2026 | 16:12

WordPress Radius Blocks plugin <= 2.2.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Radius Blocks radius-blocks allows PHP Local File Inclusion.This issue affects Radius Blocks: from n/a through <= 2.2.1.

Vendor-RadiusTheme

Product-Radius Blocks

CWE ID-CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

CVE-2025-24712

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.4||MEDIUM

EPSS-0.14% / 34.54%

7 Day CHG~0.00%

Published-24 Jan, 2025 | 17:25

Updated-28 Apr, 2026 | 16:11

WordPress Radius Blocks – WordPress Gutenberg Blocks Plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Radius Blocks radius-blocks allows Cross Site Request Forgery.This issue affects Radius Blocks: from n/a through <= 2.1.2.

Vendor-RadiusTheme

Product-Radius Blocks

CWE ID-CWE-352

Cross-Site Request Forgery (CSRF)

CVE-2024-54272

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.20% / 41.48%

7 Day CHG~0.00%

Published-13 Dec, 2024 | 14:24

Updated-28 Apr, 2026 | 16:10

WordPress Radius Blocks plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Radius Blocks radius-blocks allows Stored XSS.This issue affects Radius Blocks: from n/a through <= 2.1.2.

Vendor-RadiusTheme

Product-Radius Blocks

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')