CVE-2024-9234
CRITICAL · EXPLOITED · NUCLEI
GutenKit - Unauthenticated RCE
Title source: llmDescription
The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and_activate_plugin_from_external() function (the install-active-plugin REST API endpoint) in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins, or to use the same functionality to upload arbitrary files disguised as plugins.
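Two checks a defender wants from this advisory are exposure (is the plugin present at a version up to 2.1.0?) and exploitation attempts (did anyone call the install-active-plugin endpoint?). The following is an added example and is not code from the plugin or from the PoCs listed below. It assumes the plugin slug gutenkit-blocks-addon taken from the FOFA query on this page, WordPress's standard `?ver=<plugin version>` suffix on enqueued plugin assets, and that attack traffic carries the endpoint name in the request path; the REST namespace in front of the endpoint name is not given on this page, so the constructed sample log uses the placeholder NAMESPACE.

```python
"""Exposure and exploitation-attempt checks for CVE-2024-9234 (GutenKit).

Added example, not the plugin's or the PoC authors' code. Assumptions:
  * plugin slug "gutenkit-blocks-addon" (from the page's FOFA query);
  * WordPress appends "?ver=<plugin version>" to enqueued plugin assets;
  * exploit requests contain "install-active-plugin" in the path; the REST
    namespace before it is not stated on the page (placeholder NAMESPACE below).
"""
import re
from typing import Dict, List, Optional, Tuple

PLUGIN_SLUG = "gutenkit-blocks-addon"
LAST_VULNERABLE: Tuple[int, ...] = (2, 1, 0)  # "up to, and including, 2.1.0"
ENDPOINT_NAME = "install-active-plugin"

# Enqueued plugin assets look like
#   /wp-content/plugins/gutenkit-blocks-addon/assets/css/foo.css?ver=2.1.0
ASSET_RE = re.compile(
    r"wp-content/plugins/" + re.escape(PLUGIN_SLUG)
    + r"/[^\s\"'?]*\?ver=([0-9]+(?:\.[0-9]+)*)"
)

# Combined log format: ip ident user [time] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_version(v: str) -> Tuple[int, ...]:
    """'2.1' -> (2, 1, 0): pad so tuple comparison is not fooled by length."""
    parts = tuple(int(p) for p in v.split("."))
    return parts + (0,) * (len(LAST_VULNERABLE) - len(parts))


def detect_gutenkit_version(html: str) -> Optional[str]:
    """Version advertised by the first GutenKit asset URL in a page body, else None."""
    m = ASSET_RE.search(html)
    return m.group(1) if m else None


def is_vulnerable_version(v: str) -> bool:
    return parse_version(v) <= LAST_VULNERABLE


def find_exploit_attempts(log_lines: List[str]) -> List[Dict[str, str]]:
    """Requests that reach the REST API (/wp-json/ or ?rest_route=) and name the
    vulnerable endpoint. Every method is reported; the status code helps triage
    whether the call was refused (e.g. after patching) or accepted."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path")
        rest_call = "/wp-json/" in path or "rest_route=" in path
        if rest_call and ENDPOINT_NAME in path:
            hits.append({k: m.group(k) for k in ("ip", "ts", "method", "path", "status")})
    return hits


# ---- constructed sample data (not real captures) ----
SAMPLE_HTML = (
    "<link rel='stylesheet' href='https://example.test/wp-content/plugins/"
    "gutenkit-blocks-addon/assets/css/blocks.css?ver=2.1.0' media='all' />"
)

# NAMESPACE stands in for the REST namespace, which the advisory does not name.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Apr/2025:10:02:11 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Apr/2025:10:02:14 +0000] "POST /wp-json/NAMESPACE/install-active-plugin HTTP/1.1" 200 311 "-" "python-requests/2.31"
198.51.100.9 - - [23/Apr/2025:10:05:40 +0000] "POST /?rest_route=/NAMESPACE/install-active-plugin HTTP/1.1" 403 71 "-" "curl/8.5.0"
192.0.2.4 - - [23/Apr/2025:10:06:02 +0000] "GET /wp-content/plugins/gutenkit-blocks-addon/assets/js/blocks.js?ver=2.1.0 HTTP/1.1" 200 9002 "-" "Mozilla/5.0"
"""


if __name__ == "__main__":
    ver = detect_gutenkit_version(SAMPLE_HTML)
    print(f"GutenKit version from page: {ver} -> vulnerable: {bool(ver and is_vulnerable_version(ver))}")
    for h in find_exploit_attempts(SAMPLE_LOG.splitlines()):
        print(f"{h['ts']} {h['ip']} {h['method']} {h['path']} -> {h['status']}")
```

The version check keys on the advertised asset version only, so a site that strips `?ver=` from asset URLs will report no version and should be checked another way; the log check deliberately ignores the HTTP method, since the page does not say which methods the endpoint accepts.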
Exploits (3)
nomisec
WORKING POC
2 stars
by RandomRobbieBF · remote
https://github.com/RandomRobbieBF/CVE-2024-9234
github
WORKING POC
by Boshe99 · pythonpoc
https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2024-9234
Nuclei Templates (1)
GutenKit <= 2.1.0 - Arbitrary File Upload
CRITICAL · VERIFIED · by s4e-io
FOFA:
body="wp-content/plugins/gutenkit-blocks-addon"
References (4)
Scores
CVSS v3
9.8
EPSS
0.9340
EPSS Percentile
99.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2025-04-23
CWE
CWE-862
Status
published
Products (1)
ataurr/GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor
<= 2.1.0
Published
Oct 11, 2024
Tracked Since
Feb 18, 2026