cleantalk
Vulnerabilities and Security Researches

Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE, CVE-2024-11219

CVE, Research URL

CVE-2024-11219

Home page URL

Security reports for Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE

Application

Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE

Published on
Nov 27, 2024
Research Description
The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.0.6 via the get_image function. This makes it possible for unauthenticated attackers to view arbitrary images on the server, which can contain sensitive information.
Affected versions
Min -, max 3.0.7.
Status
vulnerable
Previous vulnerability researches
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE (CVE-2024-3343) , Jun 07, 2024
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE (CVE-2024-2729) , Jun 07, 2024
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE (CVE-2024-3725) , Jun 07, 2024
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE (CVE-2023-2288) , Jun 07, 2024
Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE (CVE-2024-2226) , Jun 07, 2024
New vulnerability
Simple Login Log (CVE-2025-49438) , Aug 23, 2025
SensorPress (CVE-2025-49409) , Aug 23, 2025
Notice Bar (CVE-2025-49389) , Aug 23, 2025
Testimonial (CVE-2025-49410) , Aug 23, 2025
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) (CVE-2025-8607) , Aug 23, 2025