Gutentor

Gutentor

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2026-2951

  • EPSS 0.17%
  • Veröffentlicht 23.04.2026 02:25:21
  • Zuletzt bearbeitet 23.04.2026 14:28:55

The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it po...

6.5

CVE-2025-58680

  • EPSS 0.29%
  • Veröffentlicht 22.09.2025 18:22:48
  • Zuletzt bearbeitet 23.04.2026 15:33:35

Missing Authorization vulnerability in gutentor Gutentor gutentor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutentor: from n/a through <= 3.5.2.

4.3

CVE-2025-58783

  • EPSS 0.22%
  • Veröffentlicht 05.09.2025 13:44:54
  • Zuletzt bearbeitet 23.04.2026 15:33:37

Missing Authorization vulnerability in gutentor Gutentor gutentor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutentor: from n/a through <= 3.5.5.

6.4

CVE-2025-4685

  • EPSS 0.22%
  • Veröffentlicht 21.07.2025 07:23:24
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML data attributes of multiple widgets, in all versions up to, and including, 3.4.8 due to insufficient in...

6.4

CVE-2024-5647

  • EPSS 0.29%
  • Veröffentlicht 03.07.2025 09:22:19
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Magnific Popups library (version 1.1.0) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. ...

4.1

CVE-2025-1986

Exploit
  • EPSS 0.38%
  • Veröffentlicht 01.04.2025 06:15:48
  • Zuletzt bearbeitet 28.05.2025 15:55:16

The Gutentor WordPress plugin before 3.4.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks

6.5

CVE-2025-22293

  • EPSS 0.28%
  • Veröffentlicht 07.01.2025 11:15:13
  • Zuletzt bearbeitet 23.04.2026 15:22:57

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gutentor Gutentor gutentor allows DOM-Based XSS.This issue affects Gutentor: from n/a through <= 3.4.3.

5.4

CVE-2024-10178

  • EPSS 0.32%
  • Veröffentlicht 05.12.2024 05:15:06
  • Zuletzt bearbeitet 09.07.2025 13:01:14

The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 3.3.9 due to insufficient input sanitization...

5.4

CVE-2024-5417

Exploit
  • EPSS 0.29%
  • Veröffentlicht 29.08.2024 11:15:27
  • Zuletzt bearbeitet 07.10.2024 15:44:01

The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cros...

5.4

CVE-2024-43308

  • EPSS 0.24%
  • Veröffentlicht 18.08.2024 15:15:03
  • Zuletzt bearbeitet 12.09.2024 16:30:02

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutentor Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor allows Stored XSS.This issue affects Gutentor - Gutenberg Blocks - P...