Approved changes feed: RSS · Atom

cpe:2.3:a:jegstudio:gutenverse:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorJegstudio (7e5068a5-768f-5183-b7a7-f81ad90102a9)
ProductGutenverse (64eeecd4-428c-5257-8cfe-36425719ee79)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-66065 vulnerable 2026-06-08 07:39:21.186419 WordPress Gutenverse plugin <= 3.2.1 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in Jegstudio Gutenverse gutenverse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse: from n/a through <= 3.2.1.
Published: 2025-11-21T12:29:55.513Z
Updated: 2026-04-28T16:14:15.667Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-43920 vulnerable 2026-06-08 06:45:53.221886 WordPress Gutenverse – Gutenberg Blocks – Page Builder for Site Editor plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jegstudio Gutenverse allows Stored XSS.This issue affects Gutenverse: from n/a through 1.9.4.
Published: 2024-08-29T18:12:44.222Z
Updated: 2026-04-28T16:10:13.558Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-3692 vulnerable 2026-06-08 06:43:51.231021 Gutenverse < 1.9.1 - Contributor+ Stored XSS
The Gutenverse WordPress plugin before 1.9.1 does not validate the htmlTag option in various of its block before outputting it back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Published: 2024-05-03T06:00:02.337Z
Updated: 2024-08-01T20:20:01.145Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-38785 vulnerable 2026-06-08 06:41:48.104040 WordPress Gutenverse plugin <= 1.9.2 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jegstudio Gutenverse allows Stored XSS.This issue affects Gutenverse: from n/a through 1.9.2.
Published: 2024-07-21T21:10:09.429Z
Updated: 2026-04-28T16:10:06.743Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-35875 vulnerable 2026-06-08 06:06:28.032000 WordPress Gutenverse – Gutenberg Blocks – Page Builder for Site Editor plugin <= 1.8.5 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in Jegstudio Gutenverse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse: from n/a through 1.8.5.
Published: 2024-12-13T14:23:40.992Z
Updated: 2026-04-28T16:08:29.844Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.