cleantalk
Vulnerabilities and Security Researches

Gutenverse – Gutenberg Blocks – Page Builder for Site Editor, CVE-2024-3692

CVE, Research URL

CVE-2024-3692

Home page URL

Security reports for Gutenverse – Gutenberg Blocks – Page Builder for Site Editor

Application

Gutenverse – Gutenberg Blocks – Page Builder for Site Editor

Published on
May 03, 2024
Research Description
The Gutenverse WordPress plugin before 1.9.1 does not validate the htmlTag option in various of its block before outputting it back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Affected versions
Min -, max 1.9.1.
Status
vulnerable
Previous vulnerability researches
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2024-43920) , Aug 29, 2024
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2023-35875) , Jun 10, 2024
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2025-2893) , Apr 30, 2025
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2024-3692) , Jun 06, 2024
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (a58b0ffe6aa969b285dc8e2ff7dbe19199c693a3) , Jun 06, 2024
New vulnerability
SecuPress Free — WordPress Security (CVE-2025-3452) , Apr 30, 2025
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2025-2893) , Apr 30, 2025
My Tickets (CVE-2025-3761) , Apr 29, 2025
Mang Board WP (CVE-2025-3435) , Apr 29, 2025
Church Admin (CVE-2025-39553) , Apr 29, 2025