CVE-2025-11162

Name of the Vulnerable Software and Affected Versions Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress versions prior to 2.19.15

Description The software is susceptible to a Stored Cross-Site Scripting issue because of inadequate input sanitization and output escaping. This allows authenticated attackers with Contributor-level access or higher to inject malicious web scripts into pages. These scripts will execute when a user accesses the compromised page.

Recommendations Update to version 2.19.15 or later.