PT-2026-44209 · WordPress · Gutenbee
Athiwat Tiprasaharn
·
Published
2026-05-28
·
Updated
2026-05-29
·
CVE-2026-9227
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
GutenBee – Gutenberg Blocks versions prior to 2.20.2
Description
The plugin is subject to arbitrary file upload due to a flawed substring check in the
gutenbee file and ext json() function. The strpos() function only verifies if the filename contains the string '.json' instead of ensuring the file ends with that extension. This allows authenticated attackers with author-level access or higher to bypass validation using double-extension filenames, such as 'shell.json.php', to upload executable files and achieve remote code execution.Recommendations
Update to a version newer than 2.20.1.
Exploit
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gutenbee