Lucene search
K

168 matches found

NVD
NVD
added 6 days ago10 views

CVE-2026-12399

The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS0.00246EPSS
Exploits0References12
CVE
CVE
added 6 days ago12 views

CVE-2026-12399

The Gutenverse WordPress plugin (Blocks, Page Builder & Site Editor) is affected by a Stored Cross-Site Scripting vulnerability up to version 3.8.0. The issue arises from insufficient input sanitization and output escaping in admin settings, allowing authenticated users with editor-level permissi...

4.4CVSS5.9AI score0.00246EPSS
Exploits0References12
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-39959

The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS5.9AI score0.00246EPSS
Exploits0References12
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-12399 Gutenverse <= 3.8.0 - Authenticated (Editor+) Stored Cross-Site Scripting via 'fonts[].font.font.value' Parameter

The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.4CVSS0.00246EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 6 days ago10 views

PT-2026-53053

Name of the Vulnerable Software and Affected Versions Gutenverse versions prior to 3.8.1 Description The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress contains a Stored Cross-Site Scripting issue in the admin settings. This occurs due to insufficient input...

4.4CVSS5.9AI score0.00246EPSS
Exploits0References16
NVD
NVD
added last week4 views

CVE-2026-56040

Unauthenticated Cross Site Scripting XSS in Gutenverse Form = 2.4.7 versions...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added last week6 views

CVE-2026-54832

Unauthenticated Broken Access Control in Gutenverse Companion = 2.5.0 versions...

7.5CVSS0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added last week33 views

CVE-2026-56040 WordPress Gutenverse Form plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Gutenverse Form = 2.4.7 versions...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added last week8 views

CVE-2026-56040

The CVE-2026-56040 entry describes an unauthenticated Cross-Site Scripting (XSS) vulnerability affecting the WordPress Gutenverse Form plugin up to version 2.4.7. The issue is identified in multiple sources (including NVD/CVE records) and is scored with a CVSSv3.1 base score of 7.1 (HIGH), with n...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added last week5 views

EUVD-2026-39702

Unauthenticated Cross Site Scripting XSS in Gutenverse Form = 2.4.7 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added last week3 views

EUVD-2026-39676

Unauthenticated Broken Access Control in Gutenverse Companion = 2.5.0 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added last week30 views

CVE-2026-54832 WordPress Gutenverse Companion plugin <= 2.5.0 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Gutenverse Companion = 2.5.0 versions...

7.5CVSS0.00238EPSS
Exploits0References1
CVE
CVE
added last week13 views

CVE-2026-54832

The CVE-2026-54832 entry affects the WordPress plugin Gutenverse Companion, specifically versions

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/24 2:55 p.m.7 views

WordPress Gutenverse Form plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hivesec in WordPress Plugin Gutenverse Form versions = 2.4.7...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 2:23 p.m.8 views

WordPress Gutenverse Companion plugin <= 2.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by mxym in WordPress Plugin Gutenverse Companion versions = 2.5.0...

7.5CVSS5.8AI score0.00238EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.11 views

CVE-2026-3001

The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...

6.1CVSS5.7AI score0.00204EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/28 9:18 a.m.11 views

WordPress Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin <= 3.4.6 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Gutenverse versions = 3.4.6...

6.1CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/27 8:16 a.m.12 views

CVE-2026-3001

The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...

6.1CVSS0.00204EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 7:45 a.m.28 views

CVE-2026-3001 Gutenverse <= 3.4.6 - Reflected Cross-Site Scripting via 's' Parameter

The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...

6.1CVSS0.00204EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 7:45 a.m.9 views

CVE-2026-3001

The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 3.4.6 due to insufficient input sanitization and output escaping. Specifically, the rendercontent method in class-search-result-title.php outputs the val...

6.1CVSS6AI score0.00204EPSS
Exploits0References4
Rows per page
Query Builder