Does Gutensee have any unpatched vulnerabilities?

No. All known vulnerabilities in Gutensee have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Gutensee compatible with WordPress 6.7.5?

According to WordPress.org data, Gutensee 1.0.7 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Gutensee compatible with PHP 5.4+?

Gutensee requires PHP 5.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Gutensee updated?

Gutensee was last updated on Jan 3, 2025. Frequent updates are generally a positive security signal.

What is Gutensee's security score?

Gutensee has a WP-Safety security score of 91/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Gutensee Security & Risk Analysis

wordpress.org/plugins/gutensee

Gutensee is a Gutenberg base block plugin that helps to build a beautiful block websites.

0 active installs v1.0.7 PHP 5.4+ WP 5.3+ Updated Jan 3, 2025

blockfsegutenberggutenseewidget

A · Safe

CVEs total1

Unpatched0

Last CVEDec 11, 2024

Download

Safety Verdict

Is Gutensee Safe to Use in 2026?

Generally Safe

Score 91/100

Gutensee has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Dec 11, 2024Updated 1yr ago

Risk Assessment

The "gutensee" plugin version 1.0.7 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by exclusively using prepared statements for its SQL queries and ensuring all output is properly escaped. It also correctly implements a nonce check and avoids using dangerous functions or bundled libraries. However, significant concerns arise from its attack surface. The plugin exposes one REST API route without any permission callbacks, creating a direct entry point that is unprotected. While static analysis and taint analysis did not reveal immediate vulnerabilities in the current version's code, the presence of an unprotected REST API endpoint is a critical security oversight. The plugin's vulnerability history includes one medium-severity CVE related to Cross-site Scripting, which has since been patched. This past vulnerability, combined with the current unprotected REST API route, suggests a need for greater vigilance in securing all entry points. In conclusion, while the plugin excels in secure coding practices for SQL and output handling, the unprotected REST API endpoint presents a tangible risk that requires immediate attention.

Key Concerns

Unprotected REST API route
Past medium severity XSS vulnerability

Vulnerabilities

Gutensee Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-54360medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Gutensee <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Dec 11, 2024 Patched in 1.0.7 (27d)

Code Analysis

Analyzed Mar 17, 2026

Gutensee Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

359 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

100% escaped359 total outputs

Attack Surface

1 unprotected

Gutensee Attack Surface

Entry Points1

Unprotected1

REST API Routes 1

POST/wp-json/custom/v1/send-mailinc\blocks\contact-us.php:165

WordPress Hooks 13

actioninitgutensee.php:43

filterbody_classgutensee.php:52

filterblock_categories_allgutensee.php:73

filterblock_categoriesgutensee.php:75

filterwp_theme_json_data_themegutensee.php:99

actionwp_headgutensee.php:110

actionrest_api_initinc\blocks\contact-us.php:164

filterexcerpt_lengthinc\blocks\latest-post.php:29

actioninitinc\blocks\navbar.php:5

filterexcerpt_lengthinc\blocks\post-query.php:38

actionenqueue_block_editor_assetsinc\script.php:5

actionenqueue_block_assetsinc\script.php:13

actionadmin_enqueue_scriptsinc\script.php:28

Maintenance & Trust

Gutensee Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedJan 3, 2025

PHP min version5.4

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Gutensee Alternatives

Widget Logic

widget-logic

Widget Logic lets you control on which pages widgets appear using WP's conditional tags.

100K 2 CVEs

Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets

widget-options

0ddcemmihs4a843ekhaoofzosrunf4bl Widget Options gives you super powers to control your site’s sidebar widgets and all Gutenberg blocks on pages, posts …

100K 7 CVEs

WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder

wdesignkit

3000+ Elementor Templates, Gutenberg Templates, Widgets Builder for Elementor, Gutenberg & Bricks, Cloud Workspace & Figma Files, 160+ Widgets Library

30K 3 CVEs

Classic Editor and Classic Widgets

classic-editor-and-classic-widgets

Disables Gutenberg editor totally everywhere and enables Classic Editor and Classic Widgets.

20K 2 CVEs

No Gutenberg – Disable Blocks Editor and Global Styles – Back to Classic Editor

no-gutenberg

100

Complete elimination of Gutenberg Block Editor, FSE Global Styles, Block Widgets, Patterns, and WooCommerce blocks. Back to Classic Editor.

9K No CVEs

Developer Profile

Gutensee Developer Profile

premila

1 plugin · 0 total installs

trust score

Avg Security Score

91/100

Avg Patch Time

27 days

View full developer profile

Detection Fingerprints

How We Detect Gutensee

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gutensee/build/index.js/wp-content/plugins/gutensee/assets/css/animate.css/wp-content/plugins/gutensee/assets/css/menu.css/wp-content/plugins/gutensee/assets/css/style.css/wp-content/plugins/gutensee/assets/css/font-awesome/css/all.min.css/wp-content/plugins/gutensee/assets/css/slick.css/wp-content/plugins/gutensee/assets/js/font-awesome/js/brands.js/wp-content/plugins/gutensee/assets/js/slick.min.js+1 more

Script Paths

/wp-content/plugins/gutensee/build/index.js/wp-content/plugins/gutensee/assets/js/font-awesome/js/brands.js/wp-content/plugins/gutensee/assets/js/slick.min.js

Version Parameters

gutensee-main?ver=1.0.0gutensee-animate?ver=1.0.0gutensee-menu?ver=1.0.0gutensee-style?ver=1.0.0gutensee-fontawesome-css?ver=1.0.0gutensee-slick-css?ver=1.8.1gutensee-fontawesome?ver=1.0.0gutensee-slick-js?ver=1.8.1gutensee-slickslider-theme-css?ver=1.8.1

HTML / DOM Fingerprints

CSS Classes

gutensee

HTML Comments

failed to copy

failed to copy $plugin_dir_left to $theme_dir_left...

FAQ