ByteOS Network

Gutenberg Blocks

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-48332

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.11% / 30.66%

7 Day CHG~0.00%

Published-14 Aug, 2025 | 10:34

Updated-14 Aug, 2025 | 14:42

WordPress Gutenberg Blocks <= 3.3.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PublishPress Gutenberg Blocks allows PHP Local File Inclusion. This issue affects Gutenberg Blocks: from n/a through 3.3.1.

Vendor-PublishPress

Product-Gutenberg Blocks

CWE ID-CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

CVE-2025-49032

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.04% / 10.41%

7 Day CHG~0.00%

Published-03 Jul, 2025 | 12:09

Updated-03 Jul, 2025 | 15:13

WordPress Gutenberg Blocks plugin <= 3.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PublishPress Gutenberg Blocks allows Stored XSS.This issue affects Gutenberg Blocks: from n/a through 3.3.1.

Vendor-PublishPress

Product-Gutenberg Blocks

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')