Cross-site Scripting Vulnerability in Gutenify Plugin by CodeYatri
CVE-2025-53324

5.4MEDIUM

Key Information:

Vendor: WordPress
Status: Gutenify
Vendor: CVE Published:; 6 November 2025

What is CVE-2025-53324?

The Gutenify plugin by CodeYatri is vulnerable to a stored Cross-site Scripting (XSS) issue due to improper input neutralization during web page generation. This vulnerability allows attackers to inject malicious scripts, which can be executed in the context of the user's browser. Users with versions of the Gutenify plugin up to 1.5.7 are at risk, particularly those who allow untrusted input through user interfaces or comments. Secure coding practices are essential to mitigate this vulnerability.

Affected Version(s)

Gutenify <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/gute...

vdb-entry

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 6, 2025
Vulnerability Reserved
Jun 27, 2025

Credit

LVT-tholv2k | Patchstack Bug Bounty Program

JSON