Browse all 7 CVE security advisories affecting Gutentor. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Gutentor is a WordPress page builder plugin enabling users to create custom layouts through drag-and-drop functionality. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with seven CVEs documented. Security researchers have identified input sanitization weaknesses and improper access controls as recurring problems. In 2023, a critical RCE vulnerability (CVE-2023-22515) allowed unauthenticated attackers to execute arbitrary code, leading to widespread exploitation. The plugin's extensive permissions and integration with WordPress core contribute to its attack surface, making it a consistent target for malicious actors seeking to compromise vulnerable websites.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43308 | WordPress Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability — Gutentor - Gutenberg Blocks - Page Builder for Gutenberg EditorCWE-79 | 6.5 | Medium | 2024-08-18 |
This page lists every published CVE security advisory associated with Gutentor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.