Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Gutenverse – Gutenberg Blocks – Page Builder for Site Editor 1.9.2

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 19, 2024

The Gutenverse plugin for WordPress has a security issue where harmful web scripts can be injected into pages. This can happen in versions 1.9.2 and below because the plugin does not properly filter and protect the input and output. This means that attackers who have contributor-level access or higher can add these scripts to pages and they will run whenever a user visits them.

Detected in:

Gutenverse – Blocks and Page Builder for Site Editor fixed vulnerable versions:
Gutenverse – Blocks and Website Builder for Site Editor fixed vulnerable versions:
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor fixed vulnerable versions: >= * <= 1.9.2
Gutenverse – Gutenberg Blocks and Page Builder for Site Editor fixed vulnerable versions:
Gutenverse – Ultimate Block Addons and Page Builder for Site Editor fixed vulnerable versions:
Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.