Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

jegstudio — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting jegstudio. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Jegstudio develops software tools for digital content creation and management, with its products primarily used by creative professionals and small businesses. Historically, their applications have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure authentication mechanisms. The company has addressed multiple security flaws in its web-based platforms, with 15 CVEs documented to date, reflecting ongoing challenges in secure coding practices. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests a need for strengthened security testing and developer training across their product portfolio.

Top products by jegstudio: Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem Gutenverse Gutenverse Form Financio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons Gutenverse Form – Contact Form Builder, Booking, Reservation, Subscribe for Block Editor
CVE IDTitleCVSSSeverityPublished
CVE-2026-2948 Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Server-Side Request Forgery via 'imageUrl' — Gutenverse – Ultimate WordPress FSE Blocks Addons & EcosystemCWE-918 6.4 Medium2026-05-05
CVE-2026-2868 Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'separatorIconSVG' — Gutenverse – Ultimate WordPress FSE Blocks Addons & EcosystemCWE-79 6.4 Medium2026-05-05
CVE-2026-2924 Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'imageLoad' — Gutenverse – Ultimate WordPress FSE Blocks Addons & EcosystemCWE-79 6.4 Medium2026-04-04
CVE-2025-14984 Gutenverse Form <= 2.3.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — Gutenverse Form – Contact Form Builder, Booking, Reservation, Subscribe for Block EditorCWE-79 6.4 Medium2026-01-08
CVE-2025-68511 WordPress Gutenverse Form plugin <= 2.3.1 - Broken Access Control vulnerability — Gutenverse FormCWE-862 6.5 Medium2025-12-24
CVE-2025-62090 WordPress Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons plugin <= 3.0.2 - Broken Access Control vulnerability — Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks AddonsCWE-862 6.5 Medium2025-12-09
CVE-2025-66079 WordPress Gutenverse Form plugin <= 2.2.0 - Broken Access Control vulnerability — Gutenverse FormCWE-862 6.5 Medium2025-11-21
CVE-2025-66065 WordPress Gutenverse plugin <= 3.2.1 - Broken Access Control vulnerability — GutenverseCWE-862 6.5 Medium2025-11-21
CVE-2025-7727 Gutenverse <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks — Gutenverse – Ultimate WordPress FSE Blocks Addons & EcosystemCWE-79 6.4 Medium2025-08-06
CVE-2025-5234 Gutenverse News <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via elementId Parameter — Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks AddonsCWE-79 6.4 Medium2025-06-19
CVE-2025-2893 Gutenverse <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via countdown Block — Gutenverse – Ultimate WordPress FSE Blocks Addons & EcosystemCWE-79 6.4 Medium2025-04-29
CVE-2023-35875 WordPress Gutenverse – Gutenberg Blocks – Page Builder for Site Editor plugin <= 1.8.5 - Broken Access Control vulnerability — GutenverseCWE-862 5.3 Medium2024-12-13
CVE-2024-43920 WordPress Gutenverse – Gutenberg Blocks – Page Builder for Site Editor plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability — GutenverseCWE-79 6.5 Medium2024-08-29
CVE-2024-38785 WordPress Gutenverse plugin <= 1.9.2 - Cross Site Scripting (XSS) vulnerability — GutenverseCWE-79 6.5 Medium2024-07-21
CVE-2024-33690 WordPress Financio theme <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability — FinancioCWE-352 4.3 Medium2024-04-26

This page lists every published CVE security advisory associated with jegstudio. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.