cleantalk
Vulnerabilities and Security Researches

Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor, CVE-2024-5417

CVE, Research URL

CVE-2024-5417

Home page URL

Security reports for Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor

Application

Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor

Published on
Aug 29, 2024
Research Description
The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Affected versions
Min -, max 3.3.6.
Status
vulnerable
Previous vulnerability researches
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor (CVE-2024-10178) , Dec 06, 2024
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor (CVE-2024-43308) , Aug 20, 2024
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor (CVE-2025-1986) , May 07, 2025
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor (CVE-2024-5417) , Aug 31, 2024
Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor (be25a0fa12b1b84dc16921df18e7676e1c5e8d8a) , Jun 07, 2024
New vulnerability
Xavin's List Subpages (CVE-2025-4220) , May 08, 2025
CarDealerPress (CVE-2025-3860) , May 08, 2025
Crossword Compiler Puzzles (CVE-2025-46493) , May 08, 2025
Frontend Dashboard (CVE-2025-4104) , May 08, 2025
Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce (CVE-2025-0671) , May 08, 2025