Gutenberg
This hub aggregates every CVE we track for Gutenberg, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM3LOW1HIGH1
Monthly trend
1
0
0
0
0
0
1
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Gutenberg.
- CVE-2025-64354WordPress Gutenberg plugin <= 21.8.2 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-13284Gutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-0488.8
- CVE-2024-37492WordPress Gutenberg plugin <= 18.6.0 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2023-38000Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block6.5
- CVE-2022-33994The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an SVG document to the "Insert from URL" feature. NOTE: the XSS payload does not execute in the conte...3.0
Product normalization is registry-driven with AI assist and human review. How it works