Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Gutenberg Blocks – PublishPress Blocks Controls, Visibility, Reusable Blocks 3.3.1

  • Severity: critical
  • Status: Fixed
  • Publication: July 28, 2025

The Gutenberg Blocks plugin for WordPress, a popular tool for creating website layouts, has a security flaw in versions 3.3.1 and below. This flaw allows hackers to access and run any code they want on the server, without needing to log in. This can lead to unauthorized access, stealing of private information, or even taking control of the website.

Detected in:

Gutenberg Blocks – PublishPress Blocks Controls, Visibility, Reusable Blocks fixed vulnerable versions: >= * <= 3.3.1
PublishPress Blocks – Block Controls, Block Visibility, Block Permissions fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.