Gutenverse, a popular WordPress plugin, harbors a serious vulnerability dubbed CVE-2024-3692. This flaw enables attackers to execute Stored XSS attacks, potentially leading to the creation of admin accounts. Let’s delve deeper into the discovery and implications of this vulnerability.

PluginGutenverse < 1.9.1
CriticalVery High
All Time441 145
Active installations30 000+
Publicly PublishedApril 15, 2023
Last UpdatedApril 15, 2023
ResearcherDmtirii Ignatyev
OWASP TOP-10A7: Cross-Site Scripting (XSS)
Plugin Security Certification by CleanTalk
Logo of the plugin


April 5, 2024Plugin testing and vulnerability detection in the Gutenverse have been completed
April 5, 2024I contacted the author of the plugin and provided a vulnerability PoC with a description and recommendations for fixing
April 15, 2024Registered CVE-2024-3692

Discovery of the Vulnerability

During routine testing, security researchers unearthed a critical vulnerability within Gutenverse. This flaw allows contributors to embed malicious JavaScript code in new posts, paving the way for the unauthorized creation of admin accounts.

Understanding of Stored XSS attack’s

Stored XSS, a prevalent web vulnerability, occurs when untrusted data is stored on a server and later displayed without proper sanitization. In WordPress, this can manifest through various entry points like post content, comments, and plugin functionalities.

Exploiting the Stored XSS Vulnerability

To exploit CVE-2024-3692, attackers craft posts containing the “wp:gutenverse/post-title” block and manipulate the “htmlTag” field to inject malicious code, such as JavaScript payloads. Upon rendering, unsuspecting users inadvertently trigger the malicious script, granting attackers unauthorized access.


Create a new Post and add here “wp:gutenverse/post-title” block. Change “htmlTag” field to img src=x onerror=alert(1)


The ramifications of this vulnerability are severe. Attackers can leverage it to compromise websites, execute arbitrary code, steal sensitive information, and even escalate their privileges to admin level. Such breaches can tarnish reputations, incur financial losses, and erode user trust.

Recommendations for Improved Security

Website administrators are urged to promptly update Gutenverse to the latest patched version to mitigate the risk of exploitation. Additionally, implementing robust security measures such as input validation, output encoding, and user role restrictions can fortify defenses against XSS vulnerabilities. Regular security audits and proactive monitoring are also essential to identify and address potential threats promptly.

By taking proactive measures to address Stored XSS vulnerabilities like CVE-2024-3692, WordPress website owners can enhance their security posture and safeguard against potential exploitation. Stay vigilant, stay secure.

#WordPressSecurity #StoredXSS #WebsiteSafety #StayProtected #VeryHighVulnerability

Use CleanTalk solutions to improve the security of your website


Create your CleanTalk account

By signing up, you agree with license. Have an account? Log in.
CVE-2024-3692 – Gutenverse – Stored XSS to Admin Account Creation (Contributor+) – POC

Leave a Reply

Your email address will not be published. Required fields are marked *