CVE-2026-2924: Gutenverse WordPress Plugin XSS Vulnerability
Plattform
wordpress
Komponente
gutenverse
Behoben in
3.4.7
CVE-2026-2924 is a stored Cross-Site Scripting (XSS) vulnerability. It allows authenticated attackers with contributor-level access or higher to inject arbitrary web scripts into pages, which execute when a user accesses the injected page. This affects the Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress in versions up to and including 3.4.6. The vulnerability is fixed in version 3.4.7.
So beheben
Aktualisieren Sie auf Version 3.4.7 oder eine neuere gepatchte Version
Häufig gestellte Fragen
What is CVE-2026-2924?
CVE-2026-2924 is a stored Cross-Site Scripting (XSS) vulnerability in the Gutenverse WordPress plugin that allows authenticated users to inject malicious scripts into website pages.
Am I affected by CVE-2026-2924?
You are affected if you are using the Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress version 3.4.6 or earlier.
How do I fix CVE-2026-2924?
To fix this vulnerability, update the Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin to version 3.4.7 or later.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten