PT-2026-26273 · WordPress · Themehunk Gutenberg Blocks

Jarno Vos

Publicado

2026-03-19

Atualizado

2026-04-09

CVE-2026-25438

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions ThemeHunk Gutenberg Blocks versions through 1.2.8

Description A flaw exists in ThemeHunk Gutenberg Blocks that allows for Reflected Cross-Site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. The vulnerability could potentially allow an attacker to inject malicious scripts into web pages viewed by users. The affected API endpoints and vulnerable parameters were not specified.

Recommendations Update ThemeHunk Gutenberg Blocks to a version later than 1.2.8.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2026-25438

Produtos afetados

Themehunk Gutenberg Blocks

PT-2026-26273 · WordPress · Themehunk Gutenberg Blocks

CVE-2026-25438

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6