CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

84 matches found

RedhatCVE•added 2026/06/05 7:29 p.m.•9 views

CVE-2026-2951

The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.4CVSS5.7AI score0.00168EPSS

Exploits0References1

EUVD•added 2026/04/23 4:0 a.m.•3 views

EUVD-2026-25168

5.4CVSS5.9AI score0.00168EPSS

Exploits0References3

Patchstack•added 2026/04/23 3:24 a.m.•7 views

WordPress Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor plugin <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gutentor Block HTML vulnerability

WordPress Gutentor - Gutenberg Blocks - Page Builder for Gutenberg Editor plugin = 3.5.5 - Authenticated Contributor+ Stored Cross-Site Scripting via Gutentor Block HTML vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Gutentor versions = 3.5.5...

5.4CVSS5.8AI score0.00168EPSS

Exploits0References1Affected Software1

NVD•added 2026/04/23 3:16 a.m.•4 views

CVE-2026-2951

5.4CVSS0.00168EPSS

Exploits0References2

Cvelist•added 2026/04/23 2:25 a.m.•26 views

CVE-2026-2951 Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gutentor Block HTML

5.4CVSS0.00168EPSS

Exploits0References2

Vulnrichment•added 2026/04/23 2:25 a.m.•2 views

CVE-2026-2951 Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gutentor Block HTML

5.4CVSS5.9AI score0.00168EPSS

Exploits0References2

CVE•added 2026/04/23 2:25 a.m.•9 views

CVE-2026-2951

CVE-2026-2951 affects the Gutentor – Gutenberg Blocks – Page Builder for WordPress (WordPress plugin). The vulnerability is a Stored Cross-Site Scripting flaw in versions up to and including 3.5.5 caused by insufficient input sanitization and output escaping in Gutentor blocks. This enables authe...

5.4CVSS5.9AI score0.00168EPSS

Exploits0References2

ATTACKERKB•added 2026/04/23 2:25 a.m.•2 views

CVE-2026-2951

5.4CVSS5.9AI score0.00168EPSS

Exploits0References3

Positive Technologies•added 2026/04/23 12:0 a.m.•5 views

PT-2026-34628

5.4CVSS5.9AI score0.00168EPSS

Exploits0References2

CNNVD•added 2026/04/23 12:0 a.m.•7 views

WordPress plugin Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.4CVSS5.6AI score0.00168EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:54 a.m.•13 views

CVE-2025-1986

The Gutentor WordPress plugin before 3.4.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

4.1CVSS7.9AI score0.00383EPSS

Exploits1References1

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress Gutentor plugin <= 3.4.9 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Gutentor versions = 3.4.9...

6.4CVSS5.3AI score0.00292EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-2693