Cross-site Scripting Vulnerability in PublishPress Gutenberg Blocks
CVE-2025-49032
6.5MEDIUM
What is CVE-2025-49032?
The PublishPress Gutenberg Blocks plugin has a vulnerability that allows improper neutralization of user input during web page generation, leading to stored Cross-site Scripting (XSS). This issue particularly affects versions from n/a through 3.3.1, posing security risks as attackers may exploit the flaw to inject malicious scripts into web pages.
Affected Version(s)
Gutenberg Blocks <= 3.3.1